smokeloader | 19c952a1804767ad97270f59d3a160618ff10efd332a8efd3735cc9770082501 | Triage

Sharing

General

Target

19c952a1804767ad97270f59d3a160618ff10efd332a8efd3735cc9770082501
Size

237KB
Sample

241105-r22maavqhk
MD5

209cf243273e1c853d872190dfd6a8a0
SHA1

8b78bea1f98f95afe843ad627ab76e5bb1efba48
SHA256

19c952a1804767ad97270f59d3a160618ff10efd332a8efd3735cc9770082501
SHA512

65a5e1f18d431a7858f167dc07a3faf7af47ca8817771b5be96feb43c72491e3442fe7bb76c3bebaf6b08971fd68c678ff1e4856cfb5f0962e16fd6de165fe6e
SSDEEP

6144:dEUWWTFkSlqyCT0iPdsZfZh9M4CkxW0g8WQElntMM:vFTeSlqyCTHa/h9BFxWhnDh

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  19c952a1804767ad97270f59d3a160618ff10efd332a8efd3735cc9770082501
- Size
  
  237KB
- MD5
  
  209cf243273e1c853d872190dfd6a8a0
- SHA1
  
  8b78bea1f98f95afe843ad627ab76e5bb1efba48
- SHA256
  
  19c952a1804767ad97270f59d3a160618ff10efd332a8efd3735cc9770082501
- SHA512
  
  65a5e1f18d431a7858f167dc07a3faf7af47ca8817771b5be96feb43c72491e3442fe7bb76c3bebaf6b08971fd68c678ff1e4856cfb5f0962e16fd6de165fe6e
- SSDEEP
  
  6144:dEUWWTFkSlqyCT0iPdsZfZh9M4CkxW0g8WQElntMM:vFTeSlqyCTHa/h9BFxWhnDh
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan