smokeloader | 925e96ee6bef472824116312be1e4fda2c96272d02848dd7ce01cbada4562cfe | Triage

Sharing

General

Target

925e96ee6bef472824116312be1e4fda2c96272d02848dd7ce01cbada4562cfe
Size

146KB
Sample

241106-keg6sswlay
MD5

bd08945b60ecf4e98f422f777561f3d0
SHA1

7d9bc8867911bd4729b6cf3f8ca2cc4123b5a899
SHA256

925e96ee6bef472824116312be1e4fda2c96272d02848dd7ce01cbada4562cfe
SHA512

da1c03054e4f0c14376c2534bf70484c7689970d7f5b7ef2967eb8687ca0a42973f4b62d7e1d9d52446981382fc9d5c2ccf1a75d5ece8e5ee0a1aa0aee85d6bf
SSDEEP

3072:2MyentQuO8CYSxFd88jDbu5pZOOfdRvM92:tt5CYS/HbmOUV

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  925e96ee6bef472824116312be1e4fda2c96272d02848dd7ce01cbada4562cfe
- Size
  
  146KB
- MD5
  
  bd08945b60ecf4e98f422f777561f3d0
- SHA1
  
  7d9bc8867911bd4729b6cf3f8ca2cc4123b5a899
- SHA256
  
  925e96ee6bef472824116312be1e4fda2c96272d02848dd7ce01cbada4562cfe
- SHA512
  
  da1c03054e4f0c14376c2534bf70484c7689970d7f5b7ef2967eb8687ca0a42973f4b62d7e1d9d52446981382fc9d5c2ccf1a75d5ece8e5ee0a1aa0aee85d6bf
- SSDEEP
  
  3072:2MyentQuO8CYSxFd88jDbu5pZOOfdRvM92:tt5CYS/HbmOUV
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan