smokeloader | c514c22ccbdf3b66a902f2d02b4515920656ac636ce2a4fc683961c25702c59e | Triage

Sharing

General

Target

svc.exe
Size

230KB
Sample

240911-1hx97avcqf
MD5

ae6112b72845c6a495561783ac5eeffd
SHA1

b68bcb7c4ce8405fd0a99405572c5ada2aa4d41d
SHA256

c514c22ccbdf3b66a902f2d02b4515920656ac636ce2a4fc683961c25702c59e
SHA512

c05f2f5ea942fd8e8d9dbf1509a0a0022039dd041996d9dec372916c4a177236c3d1205052294f09d616f547b3335d4e53f007d1a5498653568aa1db09a88112
SSDEEP

3072:H/1jzPSnqwkPpggXpSKKpP0btl+CzgwA+uQTdzZ/p+sC7Bjtjf4f:f1jzaqwkPzKCBIV+uQTdJD6Bjq

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  svc.exe
- Size
  
  230KB
- MD5
  
  ae6112b72845c6a495561783ac5eeffd
- SHA1
  
  b68bcb7c4ce8405fd0a99405572c5ada2aa4d41d
- SHA256
  
  c514c22ccbdf3b66a902f2d02b4515920656ac636ce2a4fc683961c25702c59e
- SHA512
  
  c05f2f5ea942fd8e8d9dbf1509a0a0022039dd041996d9dec372916c4a177236c3d1205052294f09d616f547b3335d4e53f007d1a5498653568aa1db09a88112
- SSDEEP
  
  3072:H/1jzPSnqwkPpggXpSKKpP0btl+CzgwA+uQTdzZ/p+sC7Bjtjf4f:f1jzaqwkPzKCBIV+uQTdJD6Bjq
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan