smokeloader | 1e902df1377fe03cc6d153fe79db192589e68d96d817307856150eb9e98a53ee | Triage

Sharing

General

Target

f5d2704617d33824adfea9476d946a335ac6e3fc
Size

361KB
Sample

241107-j92y1sxrht
MD5

873a639a93c1d19b872141d9572200ba
SHA1

f5d2704617d33824adfea9476d946a335ac6e3fc
SHA256

1e902df1377fe03cc6d153fe79db192589e68d96d817307856150eb9e98a53ee
SHA512

256dc9d35bfd3a220863f777b2355f461cfccdc461a99ef9167334a89b025580ba5fc0113b9be7b2d12b6ee48d3afc100c53a3fd0f68e056f76c6fd07fb553f0
SSDEEP

6144:0FOlrWY18VODdR1YGqWnv4ygFdp41hajlttKh4rEZS1ulkYUdlnaRuGrS:jB18VODL1YZWnv4ygFdp41ha3L1ulkbW

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  f5d2704617d33824adfea9476d946a335ac6e3fc
- Size
  
  361KB
- MD5
  
  873a639a93c1d19b872141d9572200ba
- SHA1
  
  f5d2704617d33824adfea9476d946a335ac6e3fc
- SHA256
  
  1e902df1377fe03cc6d153fe79db192589e68d96d817307856150eb9e98a53ee
- SHA512
  
  256dc9d35bfd3a220863f777b2355f461cfccdc461a99ef9167334a89b025580ba5fc0113b9be7b2d12b6ee48d3afc100c53a3fd0f68e056f76c6fd07fb553f0
- SSDEEP
  
  6144:0FOlrWY18VODdR1YGqWnv4ygFdp41hajlttKh4rEZS1ulkYUdlnaRuGrS:jB18VODL1YZWnv4ygFdp41ha3L1ulkbW
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan