smokeloader | e2bcf74dbc9f020e8f08492e6a10a601cff375971b66a19435c5faddb8ce7a97 | Triage

Sharing

General

Target

1968ec0826ed8dd2047c5f9bcd28acbea4a63294
Size

211KB
Sample

241108-a18krstpbq
MD5

10dbd1a1516638aecff2d02c70c41c3a
SHA1

1968ec0826ed8dd2047c5f9bcd28acbea4a63294
SHA256

e2bcf74dbc9f020e8f08492e6a10a601cff375971b66a19435c5faddb8ce7a97
SHA512

8ef07deefe4781f0469061cb79213d77c3f31815fb9ad3ed3f8f83119c59410e6bee29a299a54926b6464083c5cea0c79c8fd75f7325a40bff7693823110df79
SSDEEP

3072:cbWoSdUCtu9MUy4xk2Q5Jco4RxJEPSvnARgYzbHOAg0FujD05A9aq/oHMP/CAPK:cqogFu6U3xkxaRHEF+AObaq5XC

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  1968ec0826ed8dd2047c5f9bcd28acbea4a63294
- Size
  
  211KB
- MD5
  
  10dbd1a1516638aecff2d02c70c41c3a
- SHA1
  
  1968ec0826ed8dd2047c5f9bcd28acbea4a63294
- SHA256
  
  e2bcf74dbc9f020e8f08492e6a10a601cff375971b66a19435c5faddb8ce7a97
- SHA512
  
  8ef07deefe4781f0469061cb79213d77c3f31815fb9ad3ed3f8f83119c59410e6bee29a299a54926b6464083c5cea0c79c8fd75f7325a40bff7693823110df79
- SSDEEP
  
  3072:cbWoSdUCtu9MUy4xk2Q5Jco4RxJEPSvnARgYzbHOAg0FujD05A9aq/oHMP/CAPK:cqogFu6U3xkxaRHEF+AObaq5XC
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan