smokeloader | 5c55dc9d371126fb891d66dcf529ce68062ebbac7cc0ebb9c666e3029e36578b | Triage

Sharing

General

Target

JaffaCakes118_be3f4ac269c0d6ba296a8c22d63fc99c
Size

337KB
Sample

250105-z8fmdsymaj
MD5

be3f4ac269c0d6ba296a8c22d63fc99c
SHA1

195d8e71d48ff591099c846ff23e9acd26e0dec0
SHA256

5c55dc9d371126fb891d66dcf529ce68062ebbac7cc0ebb9c666e3029e36578b
SHA512

e87e7190fa9416da979faca53d1fb42f4114098d48bf97efdcf47d574749a44fdf130c2c27dceff12681c4df74fd9dbc80c2a41d7b7b1220a1991a6ff1e620b6
SSDEEP

6144:80VnbklE5brbFn0UdPfz90Dha4jAmg/agJ1N:80VnbtnOKXuDhAmgSgJL

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_be3f4ac269c0d6ba296a8c22d63fc99c
- Size
  
  337KB
- MD5
  
  be3f4ac269c0d6ba296a8c22d63fc99c
- SHA1
  
  195d8e71d48ff591099c846ff23e9acd26e0dec0
- SHA256
  
  5c55dc9d371126fb891d66dcf529ce68062ebbac7cc0ebb9c666e3029e36578b
- SHA512
  
  e87e7190fa9416da979faca53d1fb42f4114098d48bf97efdcf47d574749a44fdf130c2c27dceff12681c4df74fd9dbc80c2a41d7b7b1220a1991a6ff1e620b6
- SSDEEP
  
  6144:80VnbklE5brbFn0UdPfz90Dha4jAmg/agJ1N:80VnbtnOKXuDhAmgSgJL
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan