smokeloader | 70e1d7c056b605dc306e8c815edc43c756b6018384ad4f5c8713f6d67b0fae22 | Triage

Sharing

General

Target

70e1d7c056b605dc306e8c815edc43c756b6018384ad4f5c8713f6d67b0fae22
Size

162KB
Sample

241108-fhb2qswdql
MD5

c663c86fd9c974f85b44a90a0ecb6960
SHA1

838564977484ec24c1a14961ff52c7c4fd8fe880
SHA256

70e1d7c056b605dc306e8c815edc43c756b6018384ad4f5c8713f6d67b0fae22
SHA512

27e459d050a646feed810d7fc96988dfebb138104ff301c0b54b8c14d3691232146751dedc68a6bd26f6c932515e0231b101d1ee083960d8cbc7336162a087f3
SSDEEP

3072:cY/f6USfGDEFAwei3HcBBRqxjpyQPADqArftXebJ0mWv00qyk:cY/ofQEFveVBDqxjseiIl0J4

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  8c62f343b74c4c5102996d1b039e5dc49d7aaf3ef504b1bd3265213de7c56308.exe
- Size
  
  261KB
- MD5
  
  824f6917bdbc50b5dd169a5b51f0f550
- SHA1
  
  cb9b985b9b0d1bff57b06b4819fcf3c090747701
- SHA256
  
  8c62f343b74c4c5102996d1b039e5dc49d7aaf3ef504b1bd3265213de7c56308
- SHA512
  
  9ba6d7ecc8e19e8ed556b6acfb313d3a6511381f3c97fc19bd8115c88f292d2115c07781e596f17caa70f7b1ad49e338dcffa9395851efd32a729e5b19961eb2
- SSDEEP
  
  3072:jXG21LOb5OdWzFwu4cVSNEjlAIeeIpM6KnI2VVCzgMe5LRFYUEA7:bzOwsCu4mafIf+M6r2zwUR
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan