smokeloader | 42eadb52c6e534855220bf57a54694931bcd25df3c4fe2c0643771881dc3eaef | Triage

Submit
Reports

Overview

overview

Static

static

1

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

300KB
Sample

230207-cez3lscb41
MD5

00d0869728651a7afdb4f7ba59699197
SHA1

c40baf73db73714c52597bc306d5e97f924f172f
SHA256

42eadb52c6e534855220bf57a54694931bcd25df3c4fe2c0643771881dc3eaef
SHA512

833a578cbe474383649dc3ef9bf1e48502a377d0f8848480d3fe851fc08bf79f057300506b33ef409a1382494618b24f5b6a64905a2ff4b33fda31b8c557b54a
SSDEEP

6144:McWLB/ZXYp1yTUx/8aGHAZ+xOzzdaT8AuQj9sy3Ta:bW9/No1h8aGH/xOdaT8Alj7T

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  300KB
- MD5
  
  00d0869728651a7afdb4f7ba59699197
- SHA1
  
  c40baf73db73714c52597bc306d5e97f924f172f
- SHA256
  
  42eadb52c6e534855220bf57a54694931bcd25df3c4fe2c0643771881dc3eaef
- SHA512
  
  833a578cbe474383649dc3ef9bf1e48502a377d0f8848480d3fe851fc08bf79f057300506b33ef409a1382494618b24f5b6a64905a2ff4b33fda31b8c557b54a
- SSDEEP
  
  6144:McWLB/ZXYp1yTUx/8aGHAZ+xOzzdaT8AuQj9sy3Ta:bW9/No1h8aGH/xOdaT8Alj7T
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy