smokeloader | adee50586a2ad48ed963b528d67df2529e8fe477f3b094363de0678116f78b22 | Triage

Sharing

General

Target

adee50586a2ad48ed963b528d67df2529e8fe477f3b094363de0678116f78b22
Size

295KB
Sample

241108-c8tspawmaq
MD5

e2276ecc0bc605b444aa68bcc48e04cd
SHA1

c3b8e07510dbe667e21476a954ae864b32010fda
SHA256

adee50586a2ad48ed963b528d67df2529e8fe477f3b094363de0678116f78b22
SHA512

6ba2cea6dc9d797d6b4e15f985d311414c20fa483ba9b8e8b6b70108b023107edd14ac20258c4da5792c2161d2954d1c2f0930e0e0b8799483092dac1335777d
SSDEEP

6144:CcQPLa60Zw1kiRxXjAPW+mhArbG3iDpM4ZayqoN6uB:5pLZw1kkjIW+drCyDjZayqoN/B

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  adee50586a2ad48ed963b528d67df2529e8fe477f3b094363de0678116f78b22
- Size
  
  295KB
- MD5
  
  e2276ecc0bc605b444aa68bcc48e04cd
- SHA1
  
  c3b8e07510dbe667e21476a954ae864b32010fda
- SHA256
  
  adee50586a2ad48ed963b528d67df2529e8fe477f3b094363de0678116f78b22
- SHA512
  
  6ba2cea6dc9d797d6b4e15f985d311414c20fa483ba9b8e8b6b70108b023107edd14ac20258c4da5792c2161d2954d1c2f0930e0e0b8799483092dac1335777d
- SSDEEP
  
  6144:CcQPLa60Zw1kiRxXjAPW+mhArbG3iDpM4ZayqoN6uB:5pLZw1kkjIW+drCyDjZayqoN/B
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan