smokeloader | 12f8f5b96ec82a8b7a8c601a6118e3cbe34fb5bf4fb1d12cf12198004f43beeb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12f8f5b96ec82a8b7a8c601a6118e3cbe34fb5bf4fb1d12cf12198004f43beeb
Size

229KB
Sample

221223-lzhhqsgc55
MD5

2900de4911e0d50be184b31e3397c068
SHA1

eabd863f11786e119aa8b4faf40adcb47211c4f0
SHA256

12f8f5b96ec82a8b7a8c601a6118e3cbe34fb5bf4fb1d12cf12198004f43beeb
SHA512

eb6943265ba03f06b649984ccc064244c4dd6ee94aca248ef5f9a5a0aa89631487358576be7a5a04caf3da63b1bdb58a7274e5e32dd1bb0f7ad06d8606814336
SSDEEP

3072:gdLbnf5VrQfBd7Sb4rL/ag4f0qkhu+oukz7T2bWBkOuRGK:ALbzyL/aJsq7ukPTqpjcK

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  12f8f5b96ec82a8b7a8c601a6118e3cbe34fb5bf4fb1d12cf12198004f43beeb
- Size
  
  229KB
- MD5
  
  2900de4911e0d50be184b31e3397c068
- SHA1
  
  eabd863f11786e119aa8b4faf40adcb47211c4f0
- SHA256
  
  12f8f5b96ec82a8b7a8c601a6118e3cbe34fb5bf4fb1d12cf12198004f43beeb
- SHA512
  
  eb6943265ba03f06b649984ccc064244c4dd6ee94aca248ef5f9a5a0aa89631487358576be7a5a04caf3da63b1bdb58a7274e5e32dd1bb0f7ad06d8606814336
- SSDEEP
  
  3072:gdLbnf5VrQfBd7Sb4rL/ag4f0qkhu+oukz7T2bWBkOuRGK:ALbzyL/aJsq7ukPTqpjcK
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan