smokeloader | b7bf463de991785f498aa0cf8f0dfb4c402ebb6dabbd9c1bd77a2dcb31e2ec61 | Triage

Sharing

General

Target

b7bf463de991785f498aa0cf8f0dfb4c402ebb6dabbd9c1bd77a2dcb31e2ec61
Size

178KB
Sample

241107-alwmnazpbv
MD5

3dadd5b39442c9cda5059f0d70b52307
SHA1

635ea849041d5eff8355aeff2071211706e2e315
SHA256

b7bf463de991785f498aa0cf8f0dfb4c402ebb6dabbd9c1bd77a2dcb31e2ec61
SHA512

312ce1276b36025570dd1ba2fbb36b680ff49591e8158537dd8ec7236360882de3d1ece85fb7463d70e54848a4157d40f79715245fe74cb0b467dbcdb1ca4ac8
SSDEEP

3072:PR7t8wuNRddBe4GeVnDkh6lCT2pT20wXTAC266kQsL96ZJEz7ltuGXclAlh:p/uLddBe4G0n4ZxjO66VZJEz7ltuIclw

Score

10^/10

smokeloader summ backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

summ

Targets

- Target
  
  2c43ca2ea57631cdd00d46b6d292ca82922c239c1ad400a4714134fed8f2a50e.exe
- Size
  
  348KB
- MD5
  
  618e4050696c3303523e67ccb16660b0
- SHA1
  
  681096cc439d07053de0fbcbbef4686f13e5a475
- SHA256
  
  2c43ca2ea57631cdd00d46b6d292ca82922c239c1ad400a4714134fed8f2a50e
- SHA512
  
  af29e7df2b52af4a5795e728cc527134c3d9069f212ef4d6032962988f409eff7eb44569cac2048e3e695b029fac65f8d6efc9e930d492d4ef191e1aa139d747
- SSDEEP
  
  3072:SJs46UEL0AzLmizdx3AH2+KzMgZmqtDO5kGVwlGvPGT1hM:4srUEL0adAH2+KzlRDrGVjv+
Score

10^/10

smokeloader summ backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersummbackdoordiscoverytrojan

behavioral2

smokeloadersummbackdoordiscoverytrojan