smokeloader | 2bb5e1775ff33e1d2374523c557396988d8055da9e0d91a99c234984859d7d63 | Triage

Sharing

General

Target

2bb5e1775ff33e1d2374523c557396988d8055da9e0d91a99c234984859d7d63
Size

159KB
Sample

241215-rfntasylbk
MD5

c4c8838386c8fd1e98f316771ef0aff4
SHA1

f40342b0fa331cded6b094ced806e1f78b17698a
SHA256

2bb5e1775ff33e1d2374523c557396988d8055da9e0d91a99c234984859d7d63
SHA512

7b63c8b1bb784e1a1ce3e5a4d2d5824e0c081ef951e77f08b2840bbb4e2d21767c4da86b1125f14a1d99c01c036c94c1d6500d4723b1c3f1d2df2b23fe3d3def
SSDEEP

3072:gIxiiAiCBbz216ZPkRgbUwfhPjQ54yE5pub3:gBFiOlR0CUcljQiyE5pub3

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  6a8e3e74aca4652b0ec2b532c20f408e6cbb912bc2a9a5f7560b15074883bff1
- Size
  
  261KB
- MD5
  
  5b47d4b3384eadccf0ef3fd5749329e0
- SHA1
  
  fe400ff40cbc7c63380b267ec7fccb5cb44acae1
- SHA256
  
  6a8e3e74aca4652b0ec2b532c20f408e6cbb912bc2a9a5f7560b15074883bff1
- SHA512
  
  839e670c1862711470998b73346a434f0cbcb85a2507c288bb34afee570103d957ee695fc70252415a556b4c4804dbc702bf3b4ab131efb54d0ee8561eef54ae
- SSDEEP
  
  3072:HheRB7Kve6LiFZYez54d1JqNPkRgbUwfpQyMPfBzv02J7M/h3:QRBepLyZMe0CUcpiPftv02J7
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan