smokeloader | be943cff3ddc8fddaba89b354a54c6097cc4182be24253bf5edfd06565ad5f90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

194KB
Sample

230203-q9vchaff22
MD5

1082dc2824b2ee52285f8dab5b4adcd8
SHA1

8e6ec81947e73b447c6ae9e287d827873a74dc24
SHA256

be943cff3ddc8fddaba89b354a54c6097cc4182be24253bf5edfd06565ad5f90
SHA512

ac7972ca2ade50bc1b0da44d40d815cc347122db408cf47da8aed801fa009f59fbb472511c933873a0844ebd92d51f300fa2e096546b2360cb34442221fa720c
SSDEEP

3072:ae27kNl/aFVs7hLZjZKpuWls584tAe8eUFk4ypmvSmYZWejy7zxx:ae+Fs7hLdZeutedImvSmYZFjkzz

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  194KB
- MD5
  
  1082dc2824b2ee52285f8dab5b4adcd8
- SHA1
  
  8e6ec81947e73b447c6ae9e287d827873a74dc24
- SHA256
  
  be943cff3ddc8fddaba89b354a54c6097cc4182be24253bf5edfd06565ad5f90
- SHA512
  
  ac7972ca2ade50bc1b0da44d40d815cc347122db408cf47da8aed801fa009f59fbb472511c933873a0844ebd92d51f300fa2e096546b2360cb34442221fa720c
- SSDEEP
  
  3072:ae27kNl/aFVs7hLZjZKpuWls584tAe8eUFk4ypmvSmYZWejy7zxx:ae+Fs7hLdZeutedImvSmYZFjkzz
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan