smokeloader | 044ae6880c387cfb07a131fd30ddab0afc94f381eb98289a88501766c4fa24e8 | Triage

Sharing

General

Target

044ae6880c387cfb07a131fd30ddab0afc94f381eb98289a88501766c4fa24e8
Size

155KB
Sample

241109-ywna2azqes
MD5

3ff3eef91269280607353df6e28f825d
SHA1

4f15559ea2113cf92362e70926ee4885c06c6d43
SHA256

044ae6880c387cfb07a131fd30ddab0afc94f381eb98289a88501766c4fa24e8
SHA512

e0efa363edbbec715da3095cba53968d575fc1cda5bd8385b1039a7b33580d465a7b16a99bfddb4e082d03a44b258052f196762783134faf854f20b4f1165ad3
SSDEEP

3072:qGThxwaJTZ8cKnD+5FDLHb5ORN2pJQs41f4VpKRCOvki5q:xhhI6fb4v2pJQR1fgp/Skgq

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  b5cf5f35bf7ea527aab286cf4f24afc32d7d874b2ee752908bbc7d34bf049d93
- Size
  
  232KB
- MD5
  
  7960146c3ce0103f7c63f99952955c3c
- SHA1
  
  e9f98268f7c481e44181fd16a552dedce30d6cee
- SHA256
  
  b5cf5f35bf7ea527aab286cf4f24afc32d7d874b2ee752908bbc7d34bf049d93
- SHA512
  
  440e6ffa38531d69dcce553ca9dc8834f863b5f64dcaa27437ac719bbc89de62f3dcbab04eb40ef35de5515c0f80f898888c18695ccb7c4625ba80bbff56cda7
- SSDEEP
  
  3072:dXOIZCL4NWfzzaaquRshHb2cfUqH2CMb5x7LYgWF3Cn5JN19BRLhdeQnpR:ZjCL4CaaXsB2csuPF3iJNvDLhoMp
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan