smokeloader | 778df7488b659a15b38e07eb9ce521f48df15258eed4512b762adcf2173402f8 | Triage

Sharing

General

Target

778df7488b659a15b38e07eb9ce521f48df15258eed4512b762adcf2173402f8
Size

219KB
Sample

240524-k33seacb3s
MD5

367c8f95ea1174ed018dcb362bd5e61d
SHA1

d8228f30aff54f959bc5f6b172d4c2c97875f5b7
SHA256

778df7488b659a15b38e07eb9ce521f48df15258eed4512b762adcf2173402f8
SHA512

a903c19a0c68f4daf00a63cc90f13841d9199e0b774c9dc70d9239d4f3608359bdfb1f4ac4517cb36d2f3605a337804fc049ec2a193a034a411b85465c9ca7c3
SSDEEP

3072:luzCfm7An+c1jkFgRRdrcv+eEl+XkaatVPTAbxSHsSBPn5Rv94uy:BfmcnNj6gRLry4rSIN5R

Score

10^/10

smokeloader sel2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

sel2

Targets

- Target
  
  778df7488b659a15b38e07eb9ce521f48df15258eed4512b762adcf2173402f8
- Size
  
  219KB
- MD5
  
  367c8f95ea1174ed018dcb362bd5e61d
- SHA1
  
  d8228f30aff54f959bc5f6b172d4c2c97875f5b7
- SHA256
  
  778df7488b659a15b38e07eb9ce521f48df15258eed4512b762adcf2173402f8
- SHA512
  
  a903c19a0c68f4daf00a63cc90f13841d9199e0b774c9dc70d9239d4f3608359bdfb1f4ac4517cb36d2f3605a337804fc049ec2a193a034a411b85465c9ca7c3
- SSDEEP
  
  3072:luzCfm7An+c1jkFgRRdrcv+eEl+XkaatVPTAbxSHsSBPn5Rv94uy:BfmcnNj6gRLry4rSIN5R
Score

10^/10

smokeloader sel2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloadersel2backdoortrojan

behavioral2

smokeloadersel2backdoortrojan