smokeloader | 81d8755ad38f0609893f910b9b66a632de3f017e4f6412b77864af169f8c33d0 | Triage

Sharing

General

Target

81d8755ad38f0609893f910b9b66a632de3f017e4f6412b77864af169f8c33d0
Size

215KB
Sample

241104-rxelys1hkj
MD5

5ba4359831e09d079eb3b082d01c9f8f
SHA1

adddf5c8d43038495a3c6a1955b13f2c5ec24a30
SHA256

81d8755ad38f0609893f910b9b66a632de3f017e4f6412b77864af169f8c33d0
SHA512

d4a35c186da742eb1c85812581d60208f744ab58deab7c9263eb11a1f2139517f7962cfc33436400c870608892b1921229eabe829bd674f03774c10b90b468e3
SSDEEP

6144:p2Ekf4K+TcVecCCBpSkCpoAuudsIXKCL3CcpnEUgDaAkAejE7o:YEkf4K+TcuCvqoAuuhXLsUgDaAaAo

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  f807f6cdb4bb325a656be88d4d9fdcda519d82c3e1aa905445023093b67a0a1b.exe
- Size
  
  325KB
- MD5
  
  971528067d09f92a9a6cc5da1c3a5789
- SHA1
  
  71d45d4e8d570dce0d6d153b9a188938e27e5013
- SHA256
  
  f807f6cdb4bb325a656be88d4d9fdcda519d82c3e1aa905445023093b67a0a1b
- SHA512
  
  f6a7c7897323bcf09c6d6d752df5f8f592f429571547e81f4f3f55bf56d51b9d355a0ecb30ff61e042e526310636755b94de170134675276183a90c6ccd1676b
- SSDEEP
  
  3072:c8ky08LXV9P0M5OJiREsH6cxCoLg+krQ2q+5KH3zAOP2lKEssMOeY5QHShyEKVYp:wKLF9EU4cxPBUqoYjAOPZElnyHS5+YY
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan