smokeloader | a245ae7446c15a250e54d907ebe57b10d2a2c6ebf19f08c8386435b26918074b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f78d77b47be6ac716c67174226944e8a1e86cd59f75456bd1330160710f98844
Size

161KB
Sample

230114-w35sjsbg27
MD5

abf2af9d7caf396e65dd59a4e873676e
SHA1

d41a96ba04f31c2c00183f37fd393883b5841e8c
SHA256

a245ae7446c15a250e54d907ebe57b10d2a2c6ebf19f08c8386435b26918074b
SHA512

a298374f7449414b3734ef38dd961986e6880fe8efecef4c282f8ebb6d607c0978dbcdb2eebe6188bcd7a077fe3020079d4a071b1f1ef92fdcb599270a98bc6b
SSDEEP

3072:gfoeo9bpdm0xCEDT4OZ1Ckh7jxsYCw2uDFyywVI2cTpaRroqEFHT7t3:gR2GUXnwkscRbwxcTpCroNHT7t3

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  f78d77b47be6ac716c67174226944e8a1e86cd59f75456bd1330160710f98844
- Size
  
  260KB
- MD5
  
  5d6911c0ecd29af35a5c21d36558f258
- SHA1
  
  0c31781bcbfb0acf60925aa0d71f6a81c077d9bb
- SHA256
  
  f78d77b47be6ac716c67174226944e8a1e86cd59f75456bd1330160710f98844
- SHA512
  
  74abdd7de80e393379e7d3bd9811debc34d0185ec429f0b629abbd8852970612691fce54dc11c9f0cb766654f7578697e4324fb7324803e2f269d1f1281fcf88
- SSDEEP
  
  3072:3XmpSrmr5RMoKwV6+sIF8h7jxsYCw2uBx0wvo/apb8pBI8jwWRjoV:n+3k+sIFMsc2wVpgpRjFE
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan