smokeloader | 035dad8c5fb3dcb774defe9b4474eec0622087f08682669fce1a9489dceac28f | Triage

Sharing

General

Target

a5ee390ef3d2041749305489804fc2cf_JaffaCakes118
Size

93KB
Sample

240818-jgc47awcnm
MD5

a5ee390ef3d2041749305489804fc2cf
SHA1

3446e6182e0bf9a56e44a5e26c301ec2167da894
SHA256

035dad8c5fb3dcb774defe9b4474eec0622087f08682669fce1a9489dceac28f
SHA512

ab77a14ed86476380373b6389992c36211def2e376fb6c2d1eecef5e912a0d423cc7c58d4942e1c71e6f39a932f9146d31293785d014866039cf21147d2ab089
SSDEEP

1536:0NY4Wd4p2BgJkaO/4ORpGFfh5NkXTS9lfSZWB6q7Szp1FPQaXQ0OVVl:EY6igS1dEFZquz6ZO6qmF1FPzg0Onl

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  PO_229933.xls.exe
- Size
  
  82KB
- MD5
  
  90313f085fd67e5291224bf6ada89f83
- SHA1
  
  f2d515016d95048e159722ed8b0c4802e5f26a3c
- SHA256
  
  8851198fe51d57d89d841b942657cfb301edb3be7e3cbb64bbb8199fd6778f47
- SHA512
  
  d7da5fe8bae690942456ab55ef3011eae9e1b01e314243d65f1ef76bfe0b9f1ccce412726865a509b97d5a2dd4ad8a37c0fc2a2907702481fc397aed7d9de6a5
- SSDEEP
  
  1536:6UkviO5JCrTcEADkfTbrc2di3t/4mDEdjqZf6pTtrsCLs50mIZHc4TgzqhZHiNz:6Uv+0vcPaoftVgufWYCLVmH1+Ez
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  vcruntime140.dll
- Size
  
  78KB
- MD5
  
  6707ad709efc9c1d969bfa285c2466f8
- SHA1
  
  c3cb546227193a49a779b9f6180a32216c98c75b
- SHA256
  
  4a8389de14116b867c744898958d5a2472b8d6ce6ae4d7cac41cfe9432c5a64e
- SHA512
  
  97080f61e06e3a59de7abdcf056e9afdf36d4f4e7b241e6ff50d11b6bb631aed438ee11d71dc3de2d20699356b323d8d7bf06e9e85134cd2724663a524b01503
- SSDEEP
  
  1536:lF2886xv555et/MCsjw0BuRK3jteo0ecbAw086dhv:lF28V55At/zqw+IquecbAw082
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan

behavioral3

behavioral4