smokeloader | 9eb589e9e6b9a7ddae400d859e3dc03d4a97bb27a1e21b26d10354dfcfd5240d | Triage

Sharing

General

Target

a42ebbc875c11c8df5dc8398e051f6d0
Size

141KB
Sample

241109-gcl57ayfma
MD5

a42ebbc875c11c8df5dc8398e051f6d0
SHA1

3cca21eff90ddc998920780515cb907dcd8782f0
SHA256

9eb589e9e6b9a7ddae400d859e3dc03d4a97bb27a1e21b26d10354dfcfd5240d
SHA512

e010e659a95d5887ff10028ff0205e44a882da9ff07e13e9d188bf11c226a9826d1f483099e08aca745741727dd00fc7a82af1d07d83140fef6cac2e4d33e65c
SSDEEP

3072:WrvGGIIP+lYDWT/kq7abqlohxivZc/lWBWtoQu9Ij9h:WrvXIIWwWT8PbqPxwybI5h

Score

10^/10

smokeloader slov backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

slov

Targets

- Target
  
  5740b8a21e0f7386c22f383ba6a9a3c18284f3003e02b72c01d9f7e13b88d1ab
- Size
  
  259KB
- MD5
  
  b2c020445f8c89cb2c1ffd07997fef52
- SHA1
  
  160daad8f16e3810cf75ec16897b10a85c02c5ad
- SHA256
  
  5740b8a21e0f7386c22f383ba6a9a3c18284f3003e02b72c01d9f7e13b88d1ab
- SHA512
  
  6a2fac6771887d674c710e45058d2951fcb7707513f0cd665938fb726b2d12d533ba6c4897f74f23717570c87824643fc499c1d8b33ef5a298f8a2e0293da6a2
- SSDEEP
  
  6144:bsOQFADD5TBJ5LZZ2sUcHQBiA0S0pRwyb53y/+Ie7d1P:bsHAhNTLZZ2sUcAifS0Lwyt3Qwz
Score

10^/10

smokeloader slov backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderslovbackdoordiscoverytrojan

behavioral2

smokeloaderslovbackdoordiscoverytrojan