smokeloader | ee21b16de440773fe80af44967a07ff207749ae37a4aa5eb21690f357491cce3 | Triage

Sharing

General

Target

f36eb03a20fe643fd4d252785c4cff49_JaffaCakes118
Size

485KB
Sample

240924-mglm4svbmd
MD5

f36eb03a20fe643fd4d252785c4cff49
SHA1

d4eb1a300e53381f765d0f1ad30cf515c4417f9d
SHA256

ee21b16de440773fe80af44967a07ff207749ae37a4aa5eb21690f357491cce3
SHA512

eb643fbd8658ab0190e4f5d32f7609ae7909cdc41bde2f0e0ddd4050548f319affe36f3135fc3554946999db2e85d220d8dc41f336f9092cd6c42509906e0e4b
SSDEEP

6144:WVTmaPmEjiN9X93byQ3faYSmVOjYNRmWebjYCg0BnnjbLU0wTGYVevJLVpRhFGhE:WVTmauWiN9FuQBMWebzzvwTGgy5GhE

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  f36eb03a20fe643fd4d252785c4cff49_JaffaCakes118
- Size
  
  485KB
- MD5
  
  f36eb03a20fe643fd4d252785c4cff49
- SHA1
  
  d4eb1a300e53381f765d0f1ad30cf515c4417f9d
- SHA256
  
  ee21b16de440773fe80af44967a07ff207749ae37a4aa5eb21690f357491cce3
- SHA512
  
  eb643fbd8658ab0190e4f5d32f7609ae7909cdc41bde2f0e0ddd4050548f319affe36f3135fc3554946999db2e85d220d8dc41f336f9092cd6c42509906e0e4b
- SSDEEP
  
  6144:WVTmaPmEjiN9X93byQ3faYSmVOjYNRmWebjYCg0BnnjbLU0wTGYVevJLVpRhFGhE:WVTmauWiN9FuQBMWebzzvwTGgy5GhE
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan