smokeloader | 5d17bf188bc73f2a42aa4cdc4ce00c878459695e984b5aae8c28aca06e5ac882 | Triage

Sharing

General

Target

5d17bf188bc73f2a42aa4cdc4ce00c878459695e984b5aae8c28aca06e5ac882
Size

128KB
Sample

241106-mn432aydph
MD5

f4c5a49e0051ae8109b6371fa85b1364
SHA1

a781f1e6a0b01982ce47d234df3cb1871db1fdf6
SHA256

5d17bf188bc73f2a42aa4cdc4ce00c878459695e984b5aae8c28aca06e5ac882
SHA512

8f97d8d8e897d15e781bd03fecb7c16b1ed90f0259d1406e0175e0beacd0dd87482b51fea6f5adda9d4249255b59ca7874ef994ae7d7c2e5f94213205a999843
SSDEEP

3072:swsdDgc2bbIRQDEvGAzBIXlA1NmYHi2zKQsP2/vdC9rulcSZKE:ps321+mXlA1Nu2+L2//qdE

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  ba48ef0c94cf2a262a8552841ecdaa6eb8e39283b0ace8ed21feda0f85fe99b8
- Size
  
  188KB
- MD5
  
  bf07308c4cd2e8cf11b2082edeca1faf
- SHA1
  
  67a41cf628ae27a0555290f48881ae1bad1aeb0e
- SHA256
  
  ba48ef0c94cf2a262a8552841ecdaa6eb8e39283b0ace8ed21feda0f85fe99b8
- SHA512
  
  9823bacb05c6c0e68577186dec70b399445295335991cf8d9af3fb4189459fe36e1f3f55875e3c223f50b4c0da8915d22fb454bf25d7c0858540246f748e53b9
- SSDEEP
  
  3072:GdXSicgMoS0kLxiX3L0DMRyG0Ht/B8rkv3YHi2zKQsP2/vdC9r4P733D:6SRQbkLcX3LyG0N6gr2+L2/N7nD
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan