smokeloader | 63ba41f19c832dfd7858bf1bb6065bdf0224deb732b6ac83e4ba4828a639ddec | Triage

Sharing

General

Target

63ba41f19c832dfd7858bf1bb6065bdf0224deb732b6ac83e4ba4828a639ddec
Size

216KB
Sample

241107-lt1r5ayrhz
MD5

918de77d857a49cfc30f545daf819dd4
SHA1

93064eef7767b8fce42268d7f9f3829c598e2f29
SHA256

63ba41f19c832dfd7858bf1bb6065bdf0224deb732b6ac83e4ba4828a639ddec
SHA512

45562475960ff65831fb646732a0196bba1e0558fd328421fb665e62a08509a3014b9c5d767bafd34e5f9f5dda294e9ae12a1a38569d1c62a604e40d4f3076fa
SSDEEP

3072:jO3/4g/JP/upQpfBQXWWI1wctR6xBbfhRCe8txz/ZghlPX9px0UaJ9WQ67EArfV3:qH/AXrYwc2fTkkt70UwbMEADHEdar

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  bd5b43581ee638651df0a279e0adafc61e17537a3dbb53d88959f27883ec000c.exe
- Size
  
  326KB
- MD5
  
  37ec3a19172601379912358650d0c81a
- SHA1
  
  23dbbe4f0bce8a8aad4186b457da2f3dc6b3f09a
- SHA256
  
  bd5b43581ee638651df0a279e0adafc61e17537a3dbb53d88959f27883ec000c
- SHA512
  
  1686e476b5d4a1fbd8ba474440e1bf13ea0234fc01896d5b6314e54b288172cbbf86c446059e1ed64460e4c6252ba48ce55d098d3eee389b7ebcec636445a6d1
- SSDEEP
  
  3072:JQk1eoLUj8lLP1M5OyivalZK98Fgi161mbJejLcFQOP2lKEssMOeY5QHShyWVsiy:J1ZLZlLhbvan0mFXQOPZElnyHS/RY
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan