smokeloader | 8385dd01ea2cf289cdd61721422812ba7ea2e66dfad98b7b4ccf8f7ceb657741 | Triage

Sharing

General

Target

8385dd01ea2cf289cdd61721422812ba7ea2e66dfad98b7b4ccf8f7ceb657741
Size

152KB
Sample

241110-m8g41avhmr
MD5

de67cf8c2a620d59805a50fdb5958bd7
SHA1

d397c38332b2f475fae193ec0e7984509e2df08c
SHA256

8385dd01ea2cf289cdd61721422812ba7ea2e66dfad98b7b4ccf8f7ceb657741
SHA512

a3dbff2805edfdb639c757d6668da9f4793244516b632c17118dc7164918cdba1278fc58dd10e1c277ce37b754395d782e49d44674c2d109d9c20df28780a993
SSDEEP

3072:7KumgMQFp2yOTiA9f0c6FHr0fIGSg1kydr+Yy2L9IEQmmng27:7LqyJAX6Kf/kyfRIE8g27

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  d3f789a2f44f315b7bec24a872644bcdd5bc5c17a877bef67eeb283b5388b321
- Size
  
  233KB
- MD5
  
  acd12a5642fae3385475b7b23558ce60
- SHA1
  
  b445288a93a90149df73913d88aac99111b3c816
- SHA256
  
  d3f789a2f44f315b7bec24a872644bcdd5bc5c17a877bef67eeb283b5388b321
- SHA512
  
  d99b90c71a6139558ace12043baf5895adff69d91ab3a9239fb55db299769b47e277d21b6c8ebe1a6ca71959baa8fa6f8d91b15fd9153dbc7fc07ab4f2d405f3
- SSDEEP
  
  6144:DUBrLERnIrjeebhBkrSL3IFCWKflJZusd:DUBroRn1erk+zvNpusd
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan