smokeloader | 593e1e26a231c4dc6ecd6e4bd89f24bd1573732f0787407b894d185f66860bbc | Triage

Sharing

General

Target

05ae27ee9ffc2a40ff97b548513e57d9.bin
Size

135KB
Sample

230209-h3xv2she86
MD5

42c6299307227db5038ff433ca56290d
SHA1

04b3d877832852576340258feb5972e3ff7726be
SHA256

593e1e26a231c4dc6ecd6e4bd89f24bd1573732f0787407b894d185f66860bbc
SHA512

0828851bf0839a8688f229150421784a6bb8a0251b5386fada168515a061e1c7666abfe5f6471b8fa2f21da8096e4d9cb0bc43d4691141743735d543c80ec713
SSDEEP

3072:p1PdBASC1IqGwtqqLI3GZiJLvZfyoTphUPOU6ybT:rLRCeVeqqLI3GZitvZfyhOebT

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  5388fe22307a6304c990a59596a87127f668ae62b05599df1ada23da512d4e47.exe
- Size
  
  193KB
- MD5
  
  05ae27ee9ffc2a40ff97b548513e57d9
- SHA1
  
  6d25620166b7cc6be53c11fd28cac25676c003fb
- SHA256
  
  5388fe22307a6304c990a59596a87127f668ae62b05599df1ada23da512d4e47
- SHA512
  
  dfe1ef83cdd9ab834d56b68882f38092be9e002aec2958e2c6d3f7aca2bf15b8ab15b13e6d14862e95babba1e369b58a689dc116c98c5850cb8d4a762695167a
- SSDEEP
  
  3072:ypyOVQFtet3LNZbWkE5NkDfIHeUz2kGbkff0mbsaiwSo3:ypyTQ3LTbhG+/yHxiwSo3
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan