smokeloader | 3da207e9b649dce2596dcb3bf7c1572e1eeb205179b3a12f61e67932063359da | Triage

Sharing

General

Target

3da207e9b649dce2596dcb3bf7c1572e1eeb205179b3a12f61e67932063359da
Size

120KB
Sample

241106-j3gdqsynfp
MD5

8408e26da1eea274bc89ac9bae697653
SHA1

61ee9c27333bbceb5336e1a2c1bfeaacad01c740
SHA256

3da207e9b649dce2596dcb3bf7c1572e1eeb205179b3a12f61e67932063359da
SHA512

12ce16aca4d4b595c8c8c93bf8538732fff655087617d536ce92f5f27c4cdc918f6ca16dc3771b6a808e227a3feef940bf9202da8a0cbd220553fea95e27c242
SSDEEP

3072:Z9JgZ46AuFQP+IXzzcJvDRIN+oqwyu/5thnzSMxNeo:LufzWsJvDRINtqwyu/ZnHp

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  521e6ab3da29cda2fc6399ac88289ed9762577ff4e9742a56ec89bf4521be6c1
- Size
  
  192KB
- MD5
  
  1e318119fdcd8c3541ec26be8c78684b
- SHA1
  
  a918d02af23a41f245b53a69b8be0faae6b9580b
- SHA256
  
  521e6ab3da29cda2fc6399ac88289ed9762577ff4e9742a56ec89bf4521be6c1
- SHA512
  
  fc8a0ff6b11a39d5521a47becb8a2f23810c267bb31cc6daffe6250292de8351eacf7640e4fd79c7055756ef7a72befc63314eee14bf4503068aff260e1c829c
- SSDEEP
  
  3072:v/stdl/j8L01d268hQo/6Rlvo2/9NiKcnnJvsXRz52muuC:X0/j8L09oKlg26KcnaRoK
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan