smokeloader | 0bc7aa1362692578dcfe7196538cf2800a1cee5736ddfc8a835e1d96c900a6f5 | Triage

Sharing

General

Target

JaffaCakes118_0bc7aa1362692578dcfe7196538cf2800a1cee5736ddfc8a835e1d96c900a6f5
Size

122KB
Sample

241225-x7grystqaz
MD5

138adfc940eb81fae5b478ca27cd40f6
SHA1

a9c8268f7a8312bd45413613d80d23a666745717
SHA256

0bc7aa1362692578dcfe7196538cf2800a1cee5736ddfc8a835e1d96c900a6f5
SHA512

b58773c951efb319c03f0c0f38ebb9a76d16e0ce1ea0a90e97677b399a579977a0dd735cb3437ccf44e9247a1c48620870b0375f8898e493ef29ba00f12fdd90
SSDEEP

3072:QeNZOUiyGMROUMSx+eCQzP9ZTQzET64Ti:DZDTOU7RCu0Ui

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  34cc4d6076f0138aef067cde3f7ba808ad9f7e814e5777f10e014390255ed6f3
- Size
  
  171KB
- MD5
  
  35307e3d83da4f92c13b0f03a3ed9b3a
- SHA1
  
  1f5dc767f662a2a59662285533a1aff0f03683fa
- SHA256
  
  34cc4d6076f0138aef067cde3f7ba808ad9f7e814e5777f10e014390255ed6f3
- SHA512
  
  68de466978d55268c574854ff7fa0a8365b870959557c842625a2a6c38bfa77438f3e6c40f922b1ef611caee3708c8a0dd234b15e2ade8145bec22246ebe5e58
- SSDEEP
  
  3072:/rQ/IC5cBcHr5zmKdfuzaaJm1pqzLgxEHPP2bi9UHCwKVp:jQ/IecBcZmCf1RpwLg6H/Oif
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan