smokeloader | aa2666cb81acc91316512a1eeb3cd60e4e0aadbd56d98a005fb7e6cd0dfdf714 | Triage

Sharing

General

Target

539c6eaa3bd26db45d665ee0cb451a34
Size

166KB
Sample

241105-d642bawnak
MD5

539c6eaa3bd26db45d665ee0cb451a34
SHA1

7556f8f25e8334b6315bb142fbe69e800cb0445c
SHA256

aa2666cb81acc91316512a1eeb3cd60e4e0aadbd56d98a005fb7e6cd0dfdf714
SHA512

3fd3b881512491013636133a0e245f1c65a753bec7734c75233e51c9053155b3cc89d1b6b65926de2e91466212fa7b57c4cdedbf60d6aa5f67b99cdcb9d732c1
SSDEEP

3072:3bZ5K29wsNDKlmWtQ2ee3gmCcGxTgM5IwpZFKBXcg321af0ziNruHiLvSpBQL7x/:Vp9wIMmYzmTHzJciaf0mNrJQM7x

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  84d14647668d5c7b9658be5ee0b28ed4e6809d2df12f63ee07d9384e263bc624
- Size
  
  260KB
- MD5
  
  187fd27e198d95ef64209f5dd7c31fe6
- SHA1
  
  f847287ad341b0b5dc5452e521806ddfa2201a74
- SHA256
  
  84d14647668d5c7b9658be5ee0b28ed4e6809d2df12f63ee07d9384e263bc624
- SHA512
  
  475fe15b48382c41835c00a035188eabc79c76cb523c23f2ccf8f5b48e1681c9038e878d769eb23ac2386c0076847bc89a98a74ceeff78792880eab6f133a548
- SSDEEP
  
  3072:AXOSHpyLZtAg0fDGomj5xeS5NmMyZQnfPd/boXmHnt0wNRHYfoM/h3i:0hHULZMfKoirN/y+nnd/ymHttP
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan