smokeloader | 8cd044354aa26479f0013b16b32527c004580ca7cbe3386c3f139a415e2a3c2d | Triage

Sharing

General

Target

85de96cade3b736a44eca6cb5a599ba1c26bd617302223baa79f99341fa2b8c1
Size

139KB
Sample

221228-313nqsca38
MD5

a41658e00b4d18d090f754d050cdb5e4
SHA1

4675e78a7f822926a79aaa242f293c47fdeb46cf
SHA256

8cd044354aa26479f0013b16b32527c004580ca7cbe3386c3f139a415e2a3c2d
SHA512

531ee4c7a70276e2c0f251ebe5051e8d71fa091250c5d2ef2a1152ae4c352cca836bb4a169a92689176108da4781307039180c89e6bb072087119117a9dd334b
SSDEEP

3072:BuooVIFkdxIJbFzsSEMPqBxkVC+0ldsymcNcENVnIlZ6Tp68iOB9:0oMeixIJbFzLsk8+/xgy0TN

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  85de96cade3b736a44eca6cb5a599ba1c26bd617302223baa79f99341fa2b8c1
- Size
  
  230KB
- MD5
  
  3a3372846849d87a8feb130cb6a70cfc
- SHA1
  
  ff273cacc006e03d8981bdc390951be92e5e5ae5
- SHA256
  
  85de96cade3b736a44eca6cb5a599ba1c26bd617302223baa79f99341fa2b8c1
- SHA512
  
  b13031683fe1d7918e7200e927e32e666253ea8c1749ea90ea236e181c205e79d48b01edd6d7e7e047d8e70db91cd474c2b07c6a295b2679814f8542addda07c
- SSDEEP
  
  3072:JLOLCqDQkc5tYItFRe501f1SaV7xbK4EyNYBSMyiEPtYKs/xAI99:4LCIykcnxblNY9k1YDZ
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan