smokeloader | 4ade542561fd6e57efc2158541dde9a69e2355635207ba33058e70349acb1297 | Triage

Sharing

General

Target

4ade542561fd6e57efc2158541dde9a69e2355635207ba33058e70349acb1297
Size

288KB
Sample

241107-lsavbazgnk
MD5

c9e19c242bcbe78716a5c4e99519518f
SHA1

071c61e38f4604801175a02216fdcd7dd7a9895c
SHA256

4ade542561fd6e57efc2158541dde9a69e2355635207ba33058e70349acb1297
SHA512

7d64053c5913f10b5049b26529ef92003abd0f2c7158e012164d55090ef73c787c5af21a9e5493f0479bb58d0cdaf4cc6143f95aad71d22d5cdcd68a6c12d181
SSDEEP

6144:yQG3b1OvWg9FyHgAbTph5BGKrovzI73okD:PG3b12zyHgAfphDW

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  4ade542561fd6e57efc2158541dde9a69e2355635207ba33058e70349acb1297
- Size
  
  288KB
- MD5
  
  c9e19c242bcbe78716a5c4e99519518f
- SHA1
  
  071c61e38f4604801175a02216fdcd7dd7a9895c
- SHA256
  
  4ade542561fd6e57efc2158541dde9a69e2355635207ba33058e70349acb1297
- SHA512
  
  7d64053c5913f10b5049b26529ef92003abd0f2c7158e012164d55090ef73c787c5af21a9e5493f0479bb58d0cdaf4cc6143f95aad71d22d5cdcd68a6c12d181
- SSDEEP
  
  6144:yQG3b1OvWg9FyHgAbTph5BGKrovzI73okD:PG3b12zyHgAfphDW
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan