smokeloader | 2b9e1b625c8a796efe6b1c6e5fdd15ccb210d50e84d62537c6bb5ab0187cde8f | Triage

Sharing

General

Target

2b9e1b625c8a796efe6b1c6e5fdd15ccb210d50e84d62537c6bb5ab0187cde8f
Size

153KB
Sample

241110-bpad9syqfk
MD5

44685a3ad37ce360dc8c7b8c90ec3646
SHA1

6e04067898dbc9f9d5b29b8e66673c690220be20
SHA256

2b9e1b625c8a796efe6b1c6e5fdd15ccb210d50e84d62537c6bb5ab0187cde8f
SHA512

c0afe8f8a8b3049dc8784218d412f2f4a71c13d7ac2ea0f1a0c121349c52a21807410bb1649a93df4d09f96ec9f835be540c976ba0054f442f6f6fb69e8d3ff8
SSDEEP

3072:BrJg6uCHIO9QXst0FFWAgkr9D0p6cpcUFPx+eYgBp+5eF:BFgdkV7+kkr9KBFZ+eYH5eF

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  1b516625c46d89e4052520a38905c4d882a5f410cf533e31594cbf281c626062
- Size
  
  234KB
- MD5
  
  08a21de9094894e3e1501d4ca6fe3192
- SHA1
  
  2bf90e476dc934d0f299575f58ef9732274f7efc
- SHA256
  
  1b516625c46d89e4052520a38905c4d882a5f410cf533e31594cbf281c626062
- SHA512
  
  9cf9d17d3df3b1f1a44e287615987ab3b944174a6c017cbd9421fecd17783821bf32e53660acf539df1bc07011a12d2c4567cb1c67eb89d293f701444ba2bc8c
- SSDEEP
  
  3072:voB+gw/r8VkLCLRNuFzB9z5XmGsElDKTKRJlp1DIsMzfKYIs5JENTU6py:vo1w/rUGCLOFzAaEtzCoEC6o
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan