smokeloader | eba6c033d94f67b6895ac74b595898525a06068fed1be9c98ad1942d78578d5c | Triage

Sharing

General

Target

eba6c033d94f67b6895ac74b595898525a06068fed1be9c98ad1942d78578d5c
Size

295KB
Sample

241107-rmtywstfkc
MD5

d160431398cee4322e73146424968c41
SHA1

8ceac81e5466f066183f02623fc65ec598ff0d91
SHA256

eba6c033d94f67b6895ac74b595898525a06068fed1be9c98ad1942d78578d5c
SHA512

6ce1335c10da7cded353f2e09ba5544a1eaa46578d932269fdd3c1426d687c466a572a062425100db56d5b2bd3049587a8dfe4dd7e6576b7ea265a9da9be4831
SSDEEP

3072:1m6L0JiLyEF8RlWDMMyckNvyk5vQh+FWzSq+s0GdyKrqtCzFkCcMaXGsjE2f0GvW:eeDMj1vQSq+s0pKrJzFkPHXGrI0GUly

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  eba6c033d94f67b6895ac74b595898525a06068fed1be9c98ad1942d78578d5c
- Size
  
  295KB
- MD5
  
  d160431398cee4322e73146424968c41
- SHA1
  
  8ceac81e5466f066183f02623fc65ec598ff0d91
- SHA256
  
  eba6c033d94f67b6895ac74b595898525a06068fed1be9c98ad1942d78578d5c
- SHA512
  
  6ce1335c10da7cded353f2e09ba5544a1eaa46578d932269fdd3c1426d687c466a572a062425100db56d5b2bd3049587a8dfe4dd7e6576b7ea265a9da9be4831
- SSDEEP
  
  3072:1m6L0JiLyEF8RlWDMMyckNvyk5vQh+FWzSq+s0GdyKrqtCzFkCcMaXGsjE2f0GvW:eeDMj1vQSq+s0pKrJzFkPHXGrI0GUly
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan