smokeloader | d165f663ee8d31884a830c1e3146a53a8e9506f7b58e519d8c07faeebbdb88d8 | Triage

Sharing

General

Target

d165f663ee8d31884a830c1e3146a53a8e9506f7b58e519d8c07faeebbdb88d8
Size

137KB
Sample

241108-z95mxazeqa
MD5

1d1f0c8ef27c19cde0e45d00755c6495
SHA1

c9fcfbadcf5b9a6d99773b73a9706c9820284244
SHA256

d165f663ee8d31884a830c1e3146a53a8e9506f7b58e519d8c07faeebbdb88d8
SHA512

6db105db0f0ecf03218992ab1157f33623b169e48236f6513b3aec4f7a179629c5edabb90c9049df370fcc56c6522499c0b1e68ae681c4dad8f9c8c1c37a208c
SSDEEP

3072:xL7CUF3lUeqFN96E+j40zFdS0MSku/WPIqPQ4VaDSR8I+XQGmcRwQ36Wukya:xXC0lREd0zfS0Cu/UoDSR9h83us

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  18b17b46296ef972416a56e2155784e72846331523c812036f12d24d3a046bed.exe
- Size
  
  211KB
- MD5
  
  03bf09edfcd53ce85235d058b68a4818
- SHA1
  
  79058e6aeae47d2e49a6cda68ddc99de1214112c
- SHA256
  
  18b17b46296ef972416a56e2155784e72846331523c812036f12d24d3a046bed
- SHA512
  
  727c02ea70c4e4e10cf4e2dacacfbb92cbc716326069ab1c7a845e3c617df0a7d981ae0f0688fdddb4adbc868049024e0693b5b1737b595c75661dec39303b12
- SSDEEP
  
  3072:KX541iz5/LfYrdC151qa3jaNznYQl6Z5pRZhMN+xpSP:qP/LUdCQa3mtnl6Z5Xm
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan