smokeloader | ff9d806a6080f61553c14042baf5685dcdc73ef6cb74288d822125a9a30d6778 | Triage

Sharing

General

Target

ff9d806a6080f61553c14042baf5685dcdc73ef6cb74288d822125a9a30d6778
Size

125KB
Sample

241109-f69b5sxqfy
MD5

ce4ecddeb0c10ee4d9360c577a2fddf4
SHA1

06432788f45007656efed01c6ddc3a95bf7de549
SHA256

ff9d806a6080f61553c14042baf5685dcdc73ef6cb74288d822125a9a30d6778
SHA512

51243d6b5949016a82195ed23e5e8ea483cdada01c0c2fe11434c1d5c061cfc09b47a73098f14295396ab536bb4451c1147b6d89635794d3b18c3c7ea1231aa7
SSDEEP

3072:uAVsZHuZB/hJ0wE6TLH4ILMgLfNjA48Ud5TxcXx:3sVKRn9EUHtXfCEXCXx

Score

10^/10

smokeloader slov backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

slov

Targets

- Target
  
  d39fdf80785be4b06809825a56b59ab494323fe1b2da317f5b2cfd0b6c1605d6
- Size
  
  199KB
- MD5
  
  e329041d8eb5d3f035c3246674a55942
- SHA1
  
  e7a58f0a4786fa3151936072314b960284b858e1
- SHA256
  
  d39fdf80785be4b06809825a56b59ab494323fe1b2da317f5b2cfd0b6c1605d6
- SHA512
  
  8b69f1bda8eaf47a2ac3037492e6c936468611de7e7314159f3811b84a90ce3bbf193ddc5822fde1173a859f8d654506f2571b47cf79ba6d771d7a99fc1e923a
- SSDEEP
  
  3072:o7jXQnYfHJv8Gx02dWUxXSK/HrUcdaNQwe+S/VPm7:kX/J42dWUxiAUcINQ2S/Q
Score

10^/10

smokeloader slov backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderslovbackdoordiscoverytrojan

behavioral2

smokeloaderslovbackdoordiscoverytrojan