smokeloader | 5697e8e6906901aa2a2353afc258b9766773dbea0e051f2de24cd39c2045668b | Triage

Sharing

General

Target

JaffaCakes118_b576cf6ecfa87f4f9eaa636a46b758be
Size

232KB
Sample

250109-a3sbkasrgr
MD5

b576cf6ecfa87f4f9eaa636a46b758be
SHA1

a42611662c0d224ddd163a59af2efcec2f71a886
SHA256

5697e8e6906901aa2a2353afc258b9766773dbea0e051f2de24cd39c2045668b
SHA512

d42575c42c40eeeb132c0c152c925b6790373b235fc87b7cee535e2e1470d7a875afcd9eb3a177d07da5fa5fd4fe54b49f70e405f562ab4f9be8826a135a9b07
SSDEEP

6144:ngxInv9KvT3MOO3mH5diTCKgaIADG8elp:nGInlYiTCmxDE

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_b576cf6ecfa87f4f9eaa636a46b758be
- Size
  
  232KB
- MD5
  
  b576cf6ecfa87f4f9eaa636a46b758be
- SHA1
  
  a42611662c0d224ddd163a59af2efcec2f71a886
- SHA256
  
  5697e8e6906901aa2a2353afc258b9766773dbea0e051f2de24cd39c2045668b
- SHA512
  
  d42575c42c40eeeb132c0c152c925b6790373b235fc87b7cee535e2e1470d7a875afcd9eb3a177d07da5fa5fd4fe54b49f70e405f562ab4f9be8826a135a9b07
- SSDEEP
  
  6144:ngxInv9KvT3MOO3mH5diTCKgaIADG8elp:nGInlYiTCmxDE
Score

10^/10

smokeloader backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoordiscoverytrojan