smokeloader | b6f8cdf75993efd765e334d210fd76bd8586a125c2ebbbe271f3fc026db750a7 | Triage

Sharing

General

Target

37419d3a8a50d2e5bc0eef676a37d6757ba43a64eff868edb4af5c386900235f.zip
Size

154KB
Sample

241115-qybe9aylgn
MD5

e270656c1dead9e902b3b1403533cca0
SHA1

9d0469e0c89c269109c2b73286540d476590750e
SHA256

b6f8cdf75993efd765e334d210fd76bd8586a125c2ebbbe271f3fc026db750a7
SHA512

adf2b680fe0a063e108b236a3fa8442aafcd92f316337526962d24bb4e1cdd9c1934ec611f5334aa3b4edfd4b524fe54db421ffce07397eaf3b52c5bd6a527ee
SSDEEP

3072:SSa++24uP4KpKBQ7K2D71cNxqokyKu43KcakUSg4i6MVYlv:X0/IRp0QG2D7qxqokyE3KBT1Kh

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  37419d3a8a50d2e5bc0eef676a37d6757ba43a64eff868edb4af5c386900235f.exe
- Size
  
  248KB
- MD5
  
  1f243595efaa54f6c37a089ec7847c6d
- SHA1
  
  83eb38d9f85bdcf12cb781fad34ceb1e31b34b5a
- SHA256
  
  37419d3a8a50d2e5bc0eef676a37d6757ba43a64eff868edb4af5c386900235f
- SHA512
  
  58e936e2c5b44a489c75494102228d11d6aa6d3e26e687f20923437c1d44b2e9af5533e3ea53c178c2bc70d656f913158dbc0f5cd8cdc7a3738cba8ad6cbff55
- SSDEEP
  
  3072:IDGh7pXYLE2d5+8XTQhtetONYWO9jfBU393KySv53brCTxI:RpXYLEcfXT3hRfG3kyevCFI
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan