smokeloader | 02f86c67205d49488a1877958949126ce5f953945a027761dd71f1bdf62aa3c2 | Triage

Sharing

General

Target

c3ee74a1002972ecf8098fc33c181bf0N
Size

111KB
Sample

240910-n4bbbsshjm
MD5

c3ee74a1002972ecf8098fc33c181bf0
SHA1

5485f8410ebe6feff63fc1eaf04698573ed0c08d
SHA256

02f86c67205d49488a1877958949126ce5f953945a027761dd71f1bdf62aa3c2
SHA512

b266dd99ad9138ee76db3818c522302a2fd3bb45d34630d131c7f9cb69f5a008b68d99210b406b60992e20f73812be07c3858d57c33a16ba0fda470bd954f2d0
SSDEEP

3072:36rxD6ApK4zjJof3688o0fjmBB6SH6zay4uko:sxD6Mbo0fCX6+Ruj

Score

10^/10

smokeloader ku11 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

ku11

Targets

- Target
  
  c3ee74a1002972ecf8098fc33c181bf0N
- Size
  
  111KB
- MD5
  
  c3ee74a1002972ecf8098fc33c181bf0
- SHA1
  
  5485f8410ebe6feff63fc1eaf04698573ed0c08d
- SHA256
  
  02f86c67205d49488a1877958949126ce5f953945a027761dd71f1bdf62aa3c2
- SHA512
  
  b266dd99ad9138ee76db3818c522302a2fd3bb45d34630d131c7f9cb69f5a008b68d99210b406b60992e20f73812be07c3858d57c33a16ba0fda470bd954f2d0
- SSDEEP
  
  3072:36rxD6ApK4zjJof3688o0fjmBB6SH6zay4uko:sxD6Mbo0fCX6+Ruj
Score

10^/10

smokeloader ku11 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderku11backdoordiscoverytrojan

behavioral2

smokeloaderku11backdoordiscoverytrojan