smokeloader | 7934699983a5eb47c30dc2aae6848217efcf5c84ce79a711e0b2863290ce6bc6 | Triage

Sharing

General

Target

7934699983a5eb47c30dc2aae6848217efcf5c84ce79a711e0b2863290ce6bc6
Size

150KB
Sample

241109-j1fpes1cqe
MD5

5ff619f2b5d6573db2ce14a2b47066a3
SHA1

cc8f2d0cb507083ee538e0abd0f4b914f9cf9e2d
SHA256

7934699983a5eb47c30dc2aae6848217efcf5c84ce79a711e0b2863290ce6bc6
SHA512

8d9685e800bf8633cb15698c99fdfb867115a2c7fceb1713f5f21f1dbc24fddff486b3be3d86077b0415a960a58635fac226e3f6c060f08ac58424b0f295818f
SSDEEP

3072:vv8NblQJBqoOoQqzIId+JRHM2zCMmZV/WvOq7ayXr66h34YIi/Jau5zYXT:vENbIZRPd+vPSZdQOqPJhoYIi/Ja+z+

Score

10^/10

smokeloader sprg backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Targets

- Target
  
  c7e25075b3d4200b1c9ef102c4c32eb2.exe
- Size
  
  236KB
- MD5
  
  c7e25075b3d4200b1c9ef102c4c32eb2
- SHA1
  
  e0ac9316bfd05f46ad7da13526ec2d5b03202046
- SHA256
  
  683f0358815c8f598b1fe8b537e072a515115da4d2e63fcc6e9ffbf61870d3c0
- SHA512
  
  8c32854ee4aa14ef5ceb249fe37e13d142c3cc0eb0f23dc10a0b95f6598e87eb5fdf97b5d1d101caf0472e0b3899cf0adf4c56bd96048fe3987f8adb6c22a476
- SSDEEP
  
  3072:1Xble7H5QnsEQP6MzIM28KFy9XwHUHgG/Nf5/FEWwYPDpJKJRfeI:NleVXEQiMMM28KA9XLgMNhFaYPDWJ
Score

10^/10

smokeloader sprg backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersprgbackdoortrojan

behavioral2

smokeloadersprgbackdoordiscoverytrojan