smokeloader | 41e684ae9035114b4931514243de31b8a4a9020f22698711fe61ad66bba31255 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file
Size

253KB
Sample

230216-zbjb1sbg75
MD5

5e4ce5bdab5355fa1ea0c358391568f9
SHA1

8b6850eeca5d947cf804180f4ddf516879fbd1e1
SHA256

41e684ae9035114b4931514243de31b8a4a9020f22698711fe61ad66bba31255
SHA512

aa5dcbf3a5e60c764c795943d785b93258621af860762318b18650dd71d72c5ec7c00c99b379a86c2cb82f12201179509e020575b130a55f24c3b9bc9f48dcc0
SSDEEP

3072:w+TpmAL25UG6syPfAETUZDZFFNKO1LFJZhnbxUEuKHhoHPV6Y8Y:XpvL66UETGDZFFf1RPhnbxJhHKHbX

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file
- Size
  
  253KB
- MD5
  
  5e4ce5bdab5355fa1ea0c358391568f9
- SHA1
  
  8b6850eeca5d947cf804180f4ddf516879fbd1e1
- SHA256
  
  41e684ae9035114b4931514243de31b8a4a9020f22698711fe61ad66bba31255
- SHA512
  
  aa5dcbf3a5e60c764c795943d785b93258621af860762318b18650dd71d72c5ec7c00c99b379a86c2cb82f12201179509e020575b130a55f24c3b9bc9f48dcc0
- SSDEEP
  
  3072:w+TpmAL25UG6syPfAETUZDZFFNKO1LFJZhnbxUEuKHhoHPV6Y8Y:XpvL66UETGDZFFf1RPhnbxJhHKHbX
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan