smokeloader | c72ae6edeaced41fa9bef01881b66879ffdfcb3b5d37242e5f404d57bde32f73 | Triage

Sharing

General

Target

c72ae6edeaced41fa9bef01881b66879ffdfcb3b5d37242e5f404d57bde32f73
Size

95KB
Sample

241108-bmma2s1lhw
MD5

05378908bcf50add759a9b32450264fe
SHA1

d9bd3ba4aeb2f63bfa7248cd0b473d68cf34f827
SHA256

c72ae6edeaced41fa9bef01881b66879ffdfcb3b5d37242e5f404d57bde32f73
SHA512

5775f882c271797e9706cded486e399fc9ba139e3f751ee8da5ee5290ed286649617624d9ae0b37b085f116df33b4a0947041d296f4703343ea174b33f30009d
SSDEEP

1536:EKVjzRaCiS4xh4VeZE8RcDAHwDTUri1RyX6tE4V0ew29nWpKLeA+mMxriO8rRMFY:tDaCirUePcDswDorirgWVw0nWsL/Mx3G

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  7f93859a1333e40574f822b1c7d5889b5ba982dfef94863f4190af931373aa18
- Size
  
  145KB
- MD5
  
  7631b605b83eaaaf73fa761418e8f1eb
- SHA1
  
  eaff9de776694a1e0acb3c225edeed868c61c99f
- SHA256
  
  7f93859a1333e40574f822b1c7d5889b5ba982dfef94863f4190af931373aa18
- SHA512
  
  f5079c42bd1163cd463df8c6da3078749ce7d7041fb02fcd51741714872ff514c7a6f1117113da5cfc2b9031c0a820074432d615a6f679df93167556c549f7fb
- SSDEEP
  
  3072:uLSpQoCMRgmOjoV4147YYQaX5LfWGqJFs:eflMRgmLV4OtbxWvn
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan