smokeloader | f4f625c6ec130389122077c9650b1c195a7793a173a621416cea8622c14405fc | Triage

Sharing

General

Target

JaffaCakes118_37b6a0a0b3ee21d33fcdd3cea388e67f
Size

232KB
Sample

250106-yr7twawmex
MD5

37b6a0a0b3ee21d33fcdd3cea388e67f
SHA1

236eb8ab28cce563bcb05c38e051d418f237a725
SHA256

f4f625c6ec130389122077c9650b1c195a7793a173a621416cea8622c14405fc
SHA512

d3f087a9a1101d1450fc037be5debd9ef679ee8c3e93749e1d4b7dcba4a306bcf4e9c9a7dea7a3768f07f7b3534e84a5ccb9ed9bc13136370391859c26877447
SSDEEP

3072:HGxKfv13piX2VAFNMxJcm9HqzniJNbIseUs/G5H+CNf4/AWaSkSJu98vd:Zv13pi0AFN0rEniJNbIseUsSIADG8el

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_37b6a0a0b3ee21d33fcdd3cea388e67f
- Size
  
  232KB
- MD5
  
  37b6a0a0b3ee21d33fcdd3cea388e67f
- SHA1
  
  236eb8ab28cce563bcb05c38e051d418f237a725
- SHA256
  
  f4f625c6ec130389122077c9650b1c195a7793a173a621416cea8622c14405fc
- SHA512
  
  d3f087a9a1101d1450fc037be5debd9ef679ee8c3e93749e1d4b7dcba4a306bcf4e9c9a7dea7a3768f07f7b3534e84a5ccb9ed9bc13136370391859c26877447
- SSDEEP
  
  3072:HGxKfv13piX2VAFNMxJcm9HqzniJNbIseUs/G5H+CNf4/AWaSkSJu98vd:Zv13pi0AFN0rEniJNbIseUsSIADG8el
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan