smokeloader | 14c5d3f938ffaf9a07fc49afd4d5cd6d4669df28d3a06bd036a56a44e369c51d | Triage

Sharing

General

Target

14c5d3f938ffaf9a07fc49afd4d5cd6d4669df28d3a06bd036a56a44e369c51d
Size

262KB
Sample

241215-rfewdsylak
MD5

5f4b4c493f1a8d3c5e91c3122d4bd017
SHA1

2ecf35fcc59743d28751d5104a10f0150a0c7869
SHA256

14c5d3f938ffaf9a07fc49afd4d5cd6d4669df28d3a06bd036a56a44e369c51d
SHA512

4130e4b033c25486eadbaddd730aacf3a04f3c65fbb53c480a8366e86da4bcd1743b1d63081db14af6f1e6a3f603875ab7909ee9280b525569259e4f15ca14ca
SSDEEP

6144:9UqrBRnd5U1hKx/ioFBsyRDRPzMZdCFJD+hOLs/ERo:SOLohKx/i5yRFzuMFAW

Score

10^/10

smokeloader 0010 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

0010

Targets

- Target
  
  14c5d3f938ffaf9a07fc49afd4d5cd6d4669df28d3a06bd036a56a44e369c51d
- Size
  
  262KB
- MD5
  
  5f4b4c493f1a8d3c5e91c3122d4bd017
- SHA1
  
  2ecf35fcc59743d28751d5104a10f0150a0c7869
- SHA256
  
  14c5d3f938ffaf9a07fc49afd4d5cd6d4669df28d3a06bd036a56a44e369c51d
- SHA512
  
  4130e4b033c25486eadbaddd730aacf3a04f3c65fbb53c480a8366e86da4bcd1743b1d63081db14af6f1e6a3f603875ab7909ee9280b525569259e4f15ca14ca
- SSDEEP
  
  6144:9UqrBRnd5U1hKx/ioFBsyRDRPzMZdCFJD+hOLs/ERo:SOLohKx/i5yRFzuMFAW
Score

10^/10

smokeloader 0010 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader0010backdoordiscoverytrojan

behavioral2

smokeloader0010backdoordiscoverytrojan