smokeloader | 49eea34c9d1ba8134d0fb00e58a48b82ae55d859ef9f9e65cff45b3a5c1135d9 | Triage

Sharing

General

Target

2462cf949caf67480fa1e70d2192ba40
Size

127KB
Sample

241104-xlh3wswark
MD5

2462cf949caf67480fa1e70d2192ba40
SHA1

e447714656dcb7982301239af0e0de00a9995cca
SHA256

49eea34c9d1ba8134d0fb00e58a48b82ae55d859ef9f9e65cff45b3a5c1135d9
SHA512

6d75f9a303ba9e18b6a6a35be9360753932c85c55b0b2b1f62fbab45de50491970234d3d3b52b8dd4cbf3dfebbce74efa0fa0ee9dd1fc2d9ed15aa797db26e0e
SSDEEP

3072:53Oxv02adallVv09cjQFnBHO710ejUhEZ+Y7Ix6g:4xvWQlVv0cjYnBH4mwIT

Score

10^/10

smokeloader slov backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

slov

Targets

- Target
  
  8b9e49bfd692fb8d963d351b1054faf68a705194d78250e67c92802b831635ec
- Size
  
  206KB
- MD5
  
  6346b6e8dfe0180406c5ea967df76734
- SHA1
  
  a0d603758a37367c654695e7a238a61a7de900c0
- SHA256
  
  8b9e49bfd692fb8d963d351b1054faf68a705194d78250e67c92802b831635ec
- SHA512
  
  a48469f17ff945eb697dc7e4b60d47aad7e010d750476d5a456059ff0ebaf61aee294a3fd7d08c6601cf705853b61198504d5e6576c1187d7916065f08e1fcd0
- SSDEEP
  
  6144:7bHGrwkNQp8zZ7Xe01sUgDIHViPEtcO3:7bmr1NhNvdgAGe7
Score

10^/10

smokeloader slov backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderslovbackdoordiscoverytrojan

behavioral2

smokeloaderslovbackdoordiscoverytrojan