smokeloader | 1392df92a482f9cbe6716cfe5e4cbb3e70d11154cca71d1c7a83b0a21eb160ea | Triage

Sharing

General

Target

1392df92a482f9cbe6716cfe5e4cbb3e70d11154cca71d1c7a83b0a21eb160ea
Size

251KB
Sample

241215-qwv2wavrav
MD5

9986e0e0096defabd2a519a65e553e5f
SHA1

89a706ed9797fc966d8eb62b9093fbe47d42f041
SHA256

1392df92a482f9cbe6716cfe5e4cbb3e70d11154cca71d1c7a83b0a21eb160ea
SHA512

7f5e4352ff6c2bfcb67cb16a916e91675747c46a1eb15979ee75718f8af877b45b2f35c3dd40348a4546bf6f12c56b540893e623f90c98e1303b7d738800c888
SSDEEP

3072:/lvGa3PuTNisVzWKrDMntVtxPAgasxkgaBChUpZa9uD6Vdyhk:tuCuTNisVz9D+9VAgHiga3wVf

Score

10^/10

smokeloader 0009 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

0009

Targets

- Target
  
  1392df92a482f9cbe6716cfe5e4cbb3e70d11154cca71d1c7a83b0a21eb160ea
- Size
  
  251KB
- MD5
  
  9986e0e0096defabd2a519a65e553e5f
- SHA1
  
  89a706ed9797fc966d8eb62b9093fbe47d42f041
- SHA256
  
  1392df92a482f9cbe6716cfe5e4cbb3e70d11154cca71d1c7a83b0a21eb160ea
- SHA512
  
  7f5e4352ff6c2bfcb67cb16a916e91675747c46a1eb15979ee75718f8af877b45b2f35c3dd40348a4546bf6f12c56b540893e623f90c98e1303b7d738800c888
- SSDEEP
  
  3072:/lvGa3PuTNisVzWKrDMntVtxPAgasxkgaBChUpZa9uD6Vdyhk:tuCuTNisVz9D+9VAgHiga3wVf
Score

10^/10

smokeloader 0009 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader0009backdoordiscoverytrojan

behavioral2

smokeloader0009backdoordiscoverytrojan