smokeloader | 452681815ffa3c035abbb1961801a0bd6aea7aab82dc5b15970ea8435124d854 | Triage

Sharing

General

Target

452681815ffa3c035abbb1961801a0bd6aea7aab82dc5b15970ea8435124d854
Size

158KB
Sample

241215-rf3x8awphs
MD5

c2a56dccc8c470322775c6dd37f70020
SHA1

5fad6f55350c6af9522bb9b797000aa71733a2ae
SHA256

452681815ffa3c035abbb1961801a0bd6aea7aab82dc5b15970ea8435124d854
SHA512

82da1a7bd6b1ed18ecab59403377e7743251fe3130bc206a46c62ddb58d25bc7cc789d52e4592b167d68572de84d1df9f6437e4d66dac13f9159dd7f18e0b962
SSDEEP

3072:Ialt3/lu7RWdylcVssV0Kk2lLJqPMvZyqkUgtlquOPtpbQeExhL/0Q4r:Ian3RyeP0zWJqPMxyYuOPt+eExh70Q0

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  89bcaa9335432ed51f2c4355a7d4029ed44b107f9f3d7c486de052991a71e8ce
- Size
  
  259KB
- MD5
  
  be097e351869db5ba0b51d825111ba45
- SHA1
  
  af7342b34930550a15d788ab5220937c989fdcdf
- SHA256
  
  89bcaa9335432ed51f2c4355a7d4029ed44b107f9f3d7c486de052991a71e8ce
- SHA512
  
  2bb435719542abbb9f346963aaf868019c25de66a815582297fcc2a9c3ff238b713d06ff9c7ec3b108715b1770108fe570b74418f317db09a539a92adb2a206f
- SSDEEP
  
  3072:e95CB/63ULi69tyz5YJZba5tMMsq0ZyqsANv4SYMM/h3:GCBikLR9ZIl0Zy+Z+M
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan