smokeloader | 498ffb8797241785a8667e3be04c743301aaa5b75703847793597a700e41e1a8 | Triage

Sharing

General

Target

498ffb8797241785a8667e3be04c743301aaa5b75703847793597a700e41e1a8.exe
Size

226KB
Sample

250206-g75k1svrf1
MD5

63d0e572062c5bfc60fa8496cebe6ca9
SHA1

806274356d15cecd1b3eb10a50c6d4ddbe4a23d7
SHA256

498ffb8797241785a8667e3be04c743301aaa5b75703847793597a700e41e1a8
SHA512

e9d2b7614660c4e09b6a7006266606a53e83936736e1e05a9878fd5ab903306619e7c32a1c0e658e08cf3b09c7ed7770fe8565451fa8bfabe84de3c9db4fea5f
SSDEEP

3072:yseeYELUN2Xh9MRAJtfOpBsPLHewl8sDI45CbJWlftZiScisJ4r+BaqkQ:9YIk2Xn5OpBsDkGCbolftZJuJ4r+JkQ

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  498ffb8797241785a8667e3be04c743301aaa5b75703847793597a700e41e1a8.exe
- Size
  
  226KB
- MD5
  
  63d0e572062c5bfc60fa8496cebe6ca9
- SHA1
  
  806274356d15cecd1b3eb10a50c6d4ddbe4a23d7
- SHA256
  
  498ffb8797241785a8667e3be04c743301aaa5b75703847793597a700e41e1a8
- SHA512
  
  e9d2b7614660c4e09b6a7006266606a53e83936736e1e05a9878fd5ab903306619e7c32a1c0e658e08cf3b09c7ed7770fe8565451fa8bfabe84de3c9db4fea5f
- SSDEEP
  
  3072:yseeYELUN2Xh9MRAJtfOpBsPLHewl8sDI45CbJWlftZiScisJ4r+BaqkQ:9YIk2Xn5OpBsDkGCbolftZJuJ4r+JkQ
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan