smokeloader | 928816615b1ae0c07626d03b366fda5e0442d1b3558dc23e62ef216fa3efc2fc | Triage

Sharing

General

Target

928816615b1ae0c07626d03b366fda5e0442d1b3558dc23e62ef216fa3efc2fc
Size

179KB
Sample

241107-lck1caypez
MD5

3417b936557def9cdd13f7586a1491aa
SHA1

41f0565ad1f1ca08a5ff87d150702c7520cd4952
SHA256

928816615b1ae0c07626d03b366fda5e0442d1b3558dc23e62ef216fa3efc2fc
SHA512

7ecc2fd20fd9c2490280098038aa43578a510acfd98ca5612bab0a5f91ad2b11e47d5860714fdf9e373cbce7098e1752d15a48e04822c612dd842f6e52c7963f
SSDEEP

3072:6rXKYfAxQy/khTXZiqBNgp6A+H+ArJWrxpzbgqru:SXK5xQPhDZzlVJuzbgwu

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  928816615b1ae0c07626d03b366fda5e0442d1b3558dc23e62ef216fa3efc2fc
- Size
  
  179KB
- MD5
  
  3417b936557def9cdd13f7586a1491aa
- SHA1
  
  41f0565ad1f1ca08a5ff87d150702c7520cd4952
- SHA256
  
  928816615b1ae0c07626d03b366fda5e0442d1b3558dc23e62ef216fa3efc2fc
- SHA512
  
  7ecc2fd20fd9c2490280098038aa43578a510acfd98ca5612bab0a5f91ad2b11e47d5860714fdf9e373cbce7098e1752d15a48e04822c612dd842f6e52c7963f
- SSDEEP
  
  3072:6rXKYfAxQy/khTXZiqBNgp6A+H+ArJWrxpzbgqru:SXK5xQPhDZzlVJuzbgwu
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan