smokeloader | 452b6a3d98f2631d3c99debe19db75f4066440bf0b2f57b0711f73f3bac111db | Triage

Sharing

General

Target

452b6a3d98f2631d3c99debe19db75f4066440bf0b2f57b0711f73f3bac111db
Size

142KB
Sample

241108-ngsl4a1fnc
MD5

4d04ffe2f4c4e72943d2164655d8c61a
SHA1

81d3b43d58f1b72243a7d0f24708d428b612c763
SHA256

452b6a3d98f2631d3c99debe19db75f4066440bf0b2f57b0711f73f3bac111db
SHA512

e6fef01c138744f4f0e5db9de087040b637eebff9ede258dbe350ff9eca5baba809648fd5969c4394d28fe161db07db0e33ad22894b7d205b427306e3e7abd13
SSDEEP

3072:F2FNO/8E6feqzh8j1yvKwzfxG1pfY96tcUfbeeYgV5TJ2XXHgbMPh6yR:qK8EqVUxq5GjfY9ITfsgV5yXZDR

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  a4c457f7d3f8cd443217651b65fa1c459df1cc5b140a7df29beed3d04c4fcbf3
- Size
  
  229KB
- MD5
  
  f103d70601ce547edcca2efc9981c157
- SHA1
  
  b1c010c61ff3221b4f4307985363cfda9597f58c
- SHA256
  
  a4c457f7d3f8cd443217651b65fa1c459df1cc5b140a7df29beed3d04c4fcbf3
- SHA512
  
  1b4267c4c02c9d5a0b81ac35f448578210e830ce93fb654cb3f4a40697f6981446d78748f8ea61579a7574aff29f66361140b37a7af8eeeaa887e9e7af357616
- SSDEEP
  
  6144:S0L8szi2jB1p9wGyQ0ficukV6dVApjcK:S0wsziKB1pediZNVApjcK
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan