smokeloader | cad7f464f826743626256757eeb973fbb9690a55053edb34084565f5f62f4551 | Triage

Sharing

General

Target

cad7f464f826743626256757eeb973fbb9690a55053edb34084565f5f62f4551
Size

320KB
Sample

221206-f6pyhahe67
MD5

6c9b612844fce6245ce6e14d52fb86ff
SHA1

d55f6f8b70033d7f909f6f64b975c263ba02ab5a
SHA256

cad7f464f826743626256757eeb973fbb9690a55053edb34084565f5f62f4551
SHA512

fcb72cff36322923f3b956a029e02cc28c7240e07d9e1eaf7e79e8582af20624e3f5f90d10b7b22daf46c75e90e4ec9f8078a42651f3f91afa04a3a00b113b66
SSDEEP

3072:d88XUKQxMBWyZxmqJLk41ANaB5aT+AGpgJcGttunHPSeJcHU2r2HiSRK5BhKJdsP:nWMBWyZdLkYANaeTOmJB8SeJXPRKneF

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  cad7f464f826743626256757eeb973fbb9690a55053edb34084565f5f62f4551
- Size
  
  320KB
- MD5
  
  6c9b612844fce6245ce6e14d52fb86ff
- SHA1
  
  d55f6f8b70033d7f909f6f64b975c263ba02ab5a
- SHA256
  
  cad7f464f826743626256757eeb973fbb9690a55053edb34084565f5f62f4551
- SHA512
  
  fcb72cff36322923f3b956a029e02cc28c7240e07d9e1eaf7e79e8582af20624e3f5f90d10b7b22daf46c75e90e4ec9f8078a42651f3f91afa04a3a00b113b66
- SSDEEP
  
  3072:d88XUKQxMBWyZxmqJLk41ANaB5aT+AGpgJcGttunHPSeJcHU2r2HiSRK5BhKJdsP:nWMBWyZdLkYANaeTOmJB8SeJXPRKneF
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan