smokeloader | f240f224d924ca12c2842df1255ff420ee639bfc02b04b68ba83e8dc34565bdc | Triage

Sharing

General

Target

f240f224d924ca12c2842df1255ff420ee639bfc02b04b68ba83e8dc34565bdc
Size

306KB
Sample

230107-jtpczsda94
MD5

4b78938e4f646491e4a57477361c1827
SHA1

9b251c9a8eef7897df3b4c82e6a8460829aada30
SHA256

f240f224d924ca12c2842df1255ff420ee639bfc02b04b68ba83e8dc34565bdc
SHA512

3ffd8fdfb9e608dc40004c2bd0bb2d4bda9698a3222d7b2e2300a08a34b5109b16a33f0f5ab91778d079ef5b80137c58d479cf02f1836db99d399ff188672188
SSDEEP

3072:z3X/ADLhBxD20Ld5BrdYFUc/w8CURH2BDS/o3H4Z5Kv8IFl7i6zSbdL:DQLhrHQy8v12BDS/i458D1i6Wb

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  f240f224d924ca12c2842df1255ff420ee639bfc02b04b68ba83e8dc34565bdc
- Size
  
  306KB
- MD5
  
  4b78938e4f646491e4a57477361c1827
- SHA1
  
  9b251c9a8eef7897df3b4c82e6a8460829aada30
- SHA256
  
  f240f224d924ca12c2842df1255ff420ee639bfc02b04b68ba83e8dc34565bdc
- SHA512
  
  3ffd8fdfb9e608dc40004c2bd0bb2d4bda9698a3222d7b2e2300a08a34b5109b16a33f0f5ab91778d079ef5b80137c58d479cf02f1836db99d399ff188672188
- SSDEEP
  
  3072:z3X/ADLhBxD20Ld5BrdYFUc/w8CURH2BDS/o3H4Z5Kv8IFl7i6zSbdL:DQLhrHQy8v12BDS/i458D1i6Wb
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan