smokeloader | 9a18788e80c7229243b9cae0dee744bf74938146efe8a18355e932f3dce7d166 | Triage

Sharing

General

Target

f5c8561328203d7a75ffa641d2c0ba4f_JaffaCakes118
Size

124KB
Sample

240925-matp5szdjr
MD5

f5c8561328203d7a75ffa641d2c0ba4f
SHA1

3e0097b08a32ddadcd2dab37b7d704c2a376e532
SHA256

9a18788e80c7229243b9cae0dee744bf74938146efe8a18355e932f3dce7d166
SHA512

a4c8d6fb84ca1616f64ae258b3c2bc1351a6a41a64a1ef74d8c59b636d5db939755550191a766cc0fd9d9a7495068e32aa362ec1e3bf2aa882daa79ac06ae160
SSDEEP

3072:T2urpPCpOvLco/1VqHVZAaGwXRNj7uPj5FEmdWh:BrFCpeco/37wvWb5j

Score

10^/10

smokeloader li11 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

li11

Targets

- Target
  
  f5c8561328203d7a75ffa641d2c0ba4f_JaffaCakes118
- Size
  
  124KB
- MD5
  
  f5c8561328203d7a75ffa641d2c0ba4f
- SHA1
  
  3e0097b08a32ddadcd2dab37b7d704c2a376e532
- SHA256
  
  9a18788e80c7229243b9cae0dee744bf74938146efe8a18355e932f3dce7d166
- SHA512
  
  a4c8d6fb84ca1616f64ae258b3c2bc1351a6a41a64a1ef74d8c59b636d5db939755550191a766cc0fd9d9a7495068e32aa362ec1e3bf2aa882daa79ac06ae160
- SSDEEP
  
  3072:T2urpPCpOvLco/1VqHVZAaGwXRNj7uPj5FEmdWh:BrFCpeco/37wvWb5j
Score

10^/10

smokeloader li11 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderli11backdoordiscoverytrojan

behavioral2

smokeloaderli11backdoordiscoverytrojan