smokeloader | 09d713618f3139c7e104e9d3244ba23d7213b93b39ba9fbc39d0564557d3781e | Triage

Sharing

General

Target

ec6dacfd97aa097ea22095450b34c99e_JaffaCakes118
Size

151KB
Sample

240919-3xdkfaxfpe
MD5

ec6dacfd97aa097ea22095450b34c99e
SHA1

9c2fa306d2bf9da9fe622afa1aded8340e746e4b
SHA256

09d713618f3139c7e104e9d3244ba23d7213b93b39ba9fbc39d0564557d3781e
SHA512

cc49a149198ebee22773f22d86755817162569fd725c7d4b272afb294c69f48d15e33596a023837fe682a48610109adbacee5c739127041c5f332c81a1261254
SSDEEP

3072:bTYw11j/e9XF50qOh85MYbD9N9pZd7Ixj66VsEfq1m:ZQZ/lMKRN9N05nTq1m

Score

10^/10

smokeloader li11 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

li11

Targets

- Target
  
  ec6dacfd97aa097ea22095450b34c99e_JaffaCakes118
- Size
  
  151KB
- MD5
  
  ec6dacfd97aa097ea22095450b34c99e
- SHA1
  
  9c2fa306d2bf9da9fe622afa1aded8340e746e4b
- SHA256
  
  09d713618f3139c7e104e9d3244ba23d7213b93b39ba9fbc39d0564557d3781e
- SHA512
  
  cc49a149198ebee22773f22d86755817162569fd725c7d4b272afb294c69f48d15e33596a023837fe682a48610109adbacee5c739127041c5f332c81a1261254
- SSDEEP
  
  3072:bTYw11j/e9XF50qOh85MYbD9N9pZd7Ixj66VsEfq1m:ZQZ/lMKRN9N05nTq1m
Score

10^/10

smokeloader li11 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderli11backdoordiscoverytrojan

behavioral2

smokeloaderli11backdoordiscoverytrojan