smokeloader | d835f905560e51d7167efff65f542bc492502a510e3c5ea0cbe0aab0f811e5fc | Triage

Sharing

General

Target

90a6e9b13433e201fabe82f254a08df4_JaffaCakes118
Size

299KB
Sample

241123-zxg13ssphl
MD5

90a6e9b13433e201fabe82f254a08df4
SHA1

1fc6032c73500529e2cc355851d652040481c79c
SHA256

d835f905560e51d7167efff65f542bc492502a510e3c5ea0cbe0aab0f811e5fc
SHA512

f63f726b9f9407eabb0a24b27b33c1e2983e45561a6a57d94a30113bae5671c209f07e2f92f3ec9919d83b26477bc441f260a31b21879a6b0d94f66bb7de58eb
SSDEEP

6144:1P3Fy5E5Cb0Jh0NlX1aDqjIaQIGmHddI51RbiGLEc:1P3Fy5E80PMzaDqMagWiZ

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  90a6e9b13433e201fabe82f254a08df4_JaffaCakes118
- Size
  
  299KB
- MD5
  
  90a6e9b13433e201fabe82f254a08df4
- SHA1
  
  1fc6032c73500529e2cc355851d652040481c79c
- SHA256
  
  d835f905560e51d7167efff65f542bc492502a510e3c5ea0cbe0aab0f811e5fc
- SHA512
  
  f63f726b9f9407eabb0a24b27b33c1e2983e45561a6a57d94a30113bae5671c209f07e2f92f3ec9919d83b26477bc441f260a31b21879a6b0d94f66bb7de58eb
- SSDEEP
  
  6144:1P3Fy5E5Cb0Jh0NlX1aDqjIaQIGmHddI51RbiGLEc:1P3Fy5E80PMzaDqMagWiZ
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan