smokeloader | 0db2cdca35f12d84a682f5e41091d718cb9c8dc4820fc2091a74d18ca559b5f6 | Triage

Sharing

General

Target

svc.exe.zip
Size

133KB
Sample

241002-dmsh6sxgmb
MD5

8120b79c4428e3613bcf6d9341bd9033
SHA1

d2275553cd06fb01354afa60b0e95c78acc17fc3
SHA256

0db2cdca35f12d84a682f5e41091d718cb9c8dc4820fc2091a74d18ca559b5f6
SHA512

ee9bfefe48f3432972d3afdab55b551b983e8703c7cfe6a3897a1bb0d1ec945e6eff9aba5cbc87b020e0ec41943df7c1e8d00c33d7cbccaeeeabf657d08830f8
SSDEEP

3072:YvHNj1rAj+P/y54Y42DhMaMFA/rdz4hJFXjnPRsMAYK0Ym9/+:YfOcqzMaMUxzGFX7mMu0Ds

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  svc.exe.bin
- Size
  
  214KB
- MD5
  
  4e30f8fa403546790a16a9b0e0c72f02
- SHA1
  
  a22f898920194c5e191abfd535fa79ee387fbd8b
- SHA256
  
  c62d2fd76a5742a08db7157ad38b2f0209a11e8e9cc698902dbf366913fae535
- SHA512
  
  a185e55c43d91395460bed714de3832aabce18227148c6b23a1e35388d6172c19c7aa7769999d04bf81d38be62bafb46dac2e641c8afc4679ef051ae94cdc015
- SSDEEP
  
  3072:SaLB7RwDvY4WMouj3QF7b5qlY8ZeyrgoidA33nMs3j42:SaLlRwDvHNxTZeypbXXT
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan