smokeloader | e2168ed68de63cdb549faa1697acf2220044c7c1695a93235caf4484929c7070 | Triage

Sharing

General

Target

e2168ed68de63cdb549faa1697acf2220044c7c1695a93235caf4484929c7070
Size

326KB
Sample

241105-ra3p9stanq
MD5

24cf04b9574b3208c70cd32b43b6c632
SHA1

02352b8efa778d87b4cb08e6d36da6427261649c
SHA256

e2168ed68de63cdb549faa1697acf2220044c7c1695a93235caf4484929c7070
SHA512

e015f91a4be40e3ea72085b8657130c0734636fc558e5c7bbbd9c8e521fc02c4bb7294b0db0ee153a4c89399a00902ef19bfdc5a83514ee17c44c9dcf5b01c88
SSDEEP

6144:+uzciL9GgZAqo80LMCdA2eFNIhROeVkLVoXxpl4CF:/coPAm0LK2erIhk8xpH

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  e2168ed68de63cdb549faa1697acf2220044c7c1695a93235caf4484929c7070
- Size
  
  326KB
- MD5
  
  24cf04b9574b3208c70cd32b43b6c632
- SHA1
  
  02352b8efa778d87b4cb08e6d36da6427261649c
- SHA256
  
  e2168ed68de63cdb549faa1697acf2220044c7c1695a93235caf4484929c7070
- SHA512
  
  e015f91a4be40e3ea72085b8657130c0734636fc558e5c7bbbd9c8e521fc02c4bb7294b0db0ee153a4c89399a00902ef19bfdc5a83514ee17c44c9dcf5b01c88
- SSDEEP
  
  6144:+uzciL9GgZAqo80LMCdA2eFNIhROeVkLVoXxpl4CF:/coPAm0LK2erIhk8xpH
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan