smokeloader | 902b2ddbb10ab6cf3d911db706b44b2dcae975c6ece4ed811ba8efdc0566e991 | Triage

Sharing

General

Target

902b2ddbb10ab6cf3d911db706b44b2dcae975c6ece4ed811ba8efdc0566e991
Size

237KB
Sample

241108-zgdnqasjcj
MD5

b070e11c35ae7624a721a369d543642a
SHA1

1626118b8dd2ef612efe24866c1dfe01b08d020c
SHA256

902b2ddbb10ab6cf3d911db706b44b2dcae975c6ece4ed811ba8efdc0566e991
SHA512

9f573aa08156dfae4ee0b33ce9e1c97cb2687386e74e209575a938fb6427e57caf4fd6b551232c8b16de795bf6ed9c13a75c5b9179eb127de4e471bbcd7e1458
SSDEEP

6144:0H75ZFat/3w0KUT3tUsRhLqMk9qNxGSM01c6A:Y0t/3w073tzRhLowE0

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  902b2ddbb10ab6cf3d911db706b44b2dcae975c6ece4ed811ba8efdc0566e991
- Size
  
  237KB
- MD5
  
  b070e11c35ae7624a721a369d543642a
- SHA1
  
  1626118b8dd2ef612efe24866c1dfe01b08d020c
- SHA256
  
  902b2ddbb10ab6cf3d911db706b44b2dcae975c6ece4ed811ba8efdc0566e991
- SHA512
  
  9f573aa08156dfae4ee0b33ce9e1c97cb2687386e74e209575a938fb6427e57caf4fd6b551232c8b16de795bf6ed9c13a75c5b9179eb127de4e471bbcd7e1458
- SSDEEP
  
  6144:0H75ZFat/3w0KUT3tUsRhLqMk9qNxGSM01c6A:Y0t/3w073tzRhLowE0
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan