smokeloader | 8a9ca3236b87ebc711b484e85b30c342c4a31a1d41d0742a96fe6d398d04e35f | Triage

Sharing

General

Target

8a9ca3236b87ebc711b484e85b30c342c4a31a1d41d0742a96fe6d398d04e35f
Size

242KB
Sample

241105-fgr2kawarp
MD5

2d6b35bcb968a221139430434985669d
SHA1

2f2e32b14934769ba93c3c2ef9f6ea6f03eba331
SHA256

8a9ca3236b87ebc711b484e85b30c342c4a31a1d41d0742a96fe6d398d04e35f
SHA512

17e6e24d36b733dcf55c59d4935fa10a535fdab02ba620a5aabbe7f94ad53ee198c02d5a063d0a3b3887f409521c0e30d28693548566c544f89633463e36426e
SSDEEP

6144:FrQpU5ggiROrW2sg/sdyCOzgN99PyZeD3kLn:KpcggiROrB0tOOPy0Q

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  8a9ca3236b87ebc711b484e85b30c342c4a31a1d41d0742a96fe6d398d04e35f
- Size
  
  242KB
- MD5
  
  2d6b35bcb968a221139430434985669d
- SHA1
  
  2f2e32b14934769ba93c3c2ef9f6ea6f03eba331
- SHA256
  
  8a9ca3236b87ebc711b484e85b30c342c4a31a1d41d0742a96fe6d398d04e35f
- SHA512
  
  17e6e24d36b733dcf55c59d4935fa10a535fdab02ba620a5aabbe7f94ad53ee198c02d5a063d0a3b3887f409521c0e30d28693548566c544f89633463e36426e
- SSDEEP
  
  6144:FrQpU5ggiROrW2sg/sdyCOzgN99PyZeD3kLn:KpcggiROrB0tOOPy0Q
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan