smokeloader | a7748f743579abf78f4317a7fed2691a131377d8062740ca9c47b766f33a1e53 | Triage

Sharing

General

Target

a7748f743579abf78f4317a7fed2691a131377d8062740ca9c47b766f33a1e53
Size

141KB
Sample

241109-decgzswcnc
MD5

d040c5f82de45ed9a838cac9984be5de
SHA1

df21873551ea722b981f1b20fe503ea6f3725354
SHA256

a7748f743579abf78f4317a7fed2691a131377d8062740ca9c47b766f33a1e53
SHA512

90bfc6ee54e9a2347e3923cf3935d292ad889aec6f138eec3b94dcdc7f907e27f31a01439dc250311f6a42be0fc0c064bfc02d6a057a74cabd9205a030e4de21
SSDEEP

3072:PiXOPWtw52unzzFULe1zEKoj8qsuGTN8yWR1knEZl7+7b8qQlmwUvNo29U:PbPv2uVUiOjtMKfke+nfqi6

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  065ac71e700c145b999d983c8da94d24784d14f6ddd4129d471fd92665a79579
- Size
  
  226KB
- MD5
  
  6febc6df81ab3b8f32c13a2dbe232676
- SHA1
  
  50fec1c2b794a2663bfe0c1d189391e56c4061b5
- SHA256
  
  065ac71e700c145b999d983c8da94d24784d14f6ddd4129d471fd92665a79579
- SHA512
  
  eeef703978d01554f5478fd07b8a5c3022e239e3c8e8be53356c19c8fd8fcb371d1a3f50a422a5bd92d30399037ddbb9b0f1ef8832191422faea19fbef587f4e
- SSDEEP
  
  3072:cDkKLnfGH5H4YL2miAYuGxutsY/OSLkIcauDsK9jof/ln:ILn+eYCrHxgsraMnC
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan