Malware Analysis – smokeloader – 228c8eb91f844d89235c7bc80ad57a85

October 31, 2022

Malware Analysis

Score: 10

  • MALWARE FAMILY: smokeloader
  • TAGS:family:smokeloader, backdoor, trojan
  • MD5: 228c8eb91f844d89235c7bc80ad57a85
  • SHA1: ad06384bedb70d6a90efe277bea1b440a6d76d83
  • ANALYSIS DATE: 2022-10-31T15:34:53Z
  • TTPS: T1012, T1120, T1082

ScoreMeaningExample
10Known badA malware family was detected.
8-9Likely maliciousOne or more known damaging malware attack patterns were detected.

Examples:
The deleting of shadow copies on Windows.
6-7Shows suspicious behaviourOne or more suspicious actions were detected. The detected actions can be malicious but also have (common) benign uses.

Examples:
Changing file permissions.
Anti-VM behaviour/trying to detect a VM.
2-5Likely benignOne or more interesting behaviours were detected. The detected actions are interesting enough to be notified about but are not directly malicious.
1No (potentially) malicious behaviour was detected.N/A
Tags: , , ,

You may have missed

image

[COINBASECARTEL] – Ransomware Victim: Limocar by Transdev[.]ca

October 26, 2025
image

[PLAY] – Ransomware Victim: Metal Pros

October 26, 2025
image

[PLAY] – Ransomware Victim: LaBonne

October 26, 2025
image

[EVEREST] – Ransomware Victim: Dublin Airport

October 26, 2025
image

[INCRANSOM] – Ransomware Victim: auge[.]com

October 26, 2025