smokeloader | 50d17d91ddc4574a804ab63c49c53757cd467229a6dce3fe4321a49953fe5024 | Triage

Sharing

General

Target

50d17d91ddc4574a804ab63c49c53757cd467229a6dce3fe4321a49953fe5024
Size

136KB
Sample

241108-c4n2mstcrc
MD5

7a9ef7c8b7b8345b7bf9d7dda808506c
SHA1

84e0936ceaf97e0cbcddc377192cbd159ce484eb
SHA256

50d17d91ddc4574a804ab63c49c53757cd467229a6dce3fe4321a49953fe5024
SHA512

f5363d820e8a9fc5190851c1d0103b25229e774a713deb2b7bb3486d717941c53d75f0b65db0bf7c614b6c6e164f5007a3e9513e9adfe1b9aacd76727bc80499
SSDEEP

3072:CdACo7IdRPPNjx8JYKOET+ZCWOTlBj6rd3HNOs7b0LI:AoelNN8+KBTuCXopNj7b0LI

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  63486cafee2f850b1d158a4cd03e27f039045976bc06aca247646d5b5ef2c882.exe
- Size
  
  210KB
- MD5
  
  6435b205e6e701a00348b507a0d91145
- SHA1
  
  44976c45c7601a76d143223f6bb9b8ff17136c2c
- SHA256
  
  63486cafee2f850b1d158a4cd03e27f039045976bc06aca247646d5b5ef2c882
- SHA512
  
  513950778b07d4222a7e90022df38fa36261da5be193c88d1f85204edc6719588608401d2bb3bc8239dcdd09b4f26c7ad9901f8a3fd0e47f7e277b918e97fd01
- SSDEEP
  
  3072:7KXRkwqALdV7g1qt5iAWUUzwfUkRIP/tIolymIdiqXFW6:WnZL40wHzwRKP/tIFX9
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan