smokeloader | 790ed43e41cdce94bde4a267a45668a85ab4b7bc0679b76c3dca5231dbe81960 | Triage

Sharing

General

Target

790ed43e41cdce94bde4a267a45668a85ab4b7bc0679b76c3dca5231dbe81960
Size

285KB
Sample

230103-f6e4asaa98
MD5

7a5143792783061157dcb2a4b0a9931a
SHA1

5cb654586b977c4c4d52bc1a1326bd50a3417a5b
SHA256

790ed43e41cdce94bde4a267a45668a85ab4b7bc0679b76c3dca5231dbe81960
SHA512

2c09ef63c941ee86c209c43858a78251dbffd73711b7a6ca051aaa26997a0269f43dc3e7ee87f4cee5e3f55b2ffbf70932f95edfa0ff5d156dad16904f966141
SSDEEP

3072:JMqMJ0kQg6p56Y85uRIjvNXTRJiCq7S8nq:SqSL6mY8QSjRTOCqa

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  790ed43e41cdce94bde4a267a45668a85ab4b7bc0679b76c3dca5231dbe81960
- Size
  
  285KB
- MD5
  
  7a5143792783061157dcb2a4b0a9931a
- SHA1
  
  5cb654586b977c4c4d52bc1a1326bd50a3417a5b
- SHA256
  
  790ed43e41cdce94bde4a267a45668a85ab4b7bc0679b76c3dca5231dbe81960
- SHA512
  
  2c09ef63c941ee86c209c43858a78251dbffd73711b7a6ca051aaa26997a0269f43dc3e7ee87f4cee5e3f55b2ffbf70932f95edfa0ff5d156dad16904f966141
- SSDEEP
  
  3072:JMqMJ0kQg6p56Y85uRIjvNXTRJiCq7S8nq:SqSL6mY8QSjRTOCqa
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan