smokeloader | aae683b7ccbdbe56badacd5a29d7f2bfb4300e14b3009686989926b352a71ac0 | Triage

Sharing

General

Target

8930e797059a098216460be1843d5862686b38fc9960f62c58819dd4c1ca2f71
Size

140KB
Sample

230215-jzjdxsah46
MD5

9510a16a8f0bd12356027bb3799cfa20
SHA1

2fa8ba0cd5bfc5530f895aee292bbf950919a322
SHA256

aae683b7ccbdbe56badacd5a29d7f2bfb4300e14b3009686989926b352a71ac0
SHA512

c62778a46f6ecd8d46cec42af2daecb80372a5a49585783a60744a2a9b60b951bc2addc9fb0093e880f062f082237a3d8741b6289a19862905a413e846591747
SSDEEP

3072:zbczKlTr5s4TVMhQg5Z+rQFqRtK4laSDRaKyyRg3ftQ:EMpsLoe4ld4ggO

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  8930e797059a098216460be1843d5862686b38fc9960f62c58819dd4c1ca2f71
- Size
  
  194KB
- MD5
  
  d74cb831fffc47c26291eab5eab4f482
- SHA1
  
  283879d0fbf65d38d444948b5335d36340f8da8d
- SHA256
  
  8930e797059a098216460be1843d5862686b38fc9960f62c58819dd4c1ca2f71
- SHA512
  
  38046c346b0361acae9ddd39878125f716303ae6df97788b38e9d061aaa57a3736919696c8009af5242b4f7b01da3f715770e6fc2a1e4d9a7c9dfdf400490188
- SSDEEP
  
  3072:FJNZb9LsuAF5aeDZPkbBcC0CItK4laSDRcKAnltxIJ:VLtAyndT4ldSltx
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan