smokeloader | eeec646e4ce98b0e3d1637b9c332ae1389ed36502687c2f0fd690151ce788079 | Triage

Sharing

General

Target

2025-04-01_3255dd5b2a7f48cafed4d8d94356ca70_amadey_smoke-loader
Size

19.2MB
Sample

250401-c2jn5ssscs
MD5

3255dd5b2a7f48cafed4d8d94356ca70
SHA1

0f9929131f54214ca64f5801ea94b720fde27230
SHA256

eeec646e4ce98b0e3d1637b9c332ae1389ed36502687c2f0fd690151ce788079
SHA512

505341448a8c708bd00ca289c127cf6f870f93f23cc762ab38b1466b6d8242ec710741e48a675fd937d2ceeef1f804146b0689da61ae0924f7c5f53945ac9ef9
SSDEEP

6144:Ka8mjmVQcEzGBPoSUmGWMBCpoiJZVE5VskrbU:nXjDc4wPoSnGWMBIoipE52t

Score

10^/10

smokeloader backdoor discovery trojan

Malware Config

Targets

- Target
  
  2025-04-01_3255dd5b2a7f48cafed4d8d94356ca70_amadey_smoke-loader
- Size
  
  19.2MB
- MD5
  
  3255dd5b2a7f48cafed4d8d94356ca70
- SHA1
  
  0f9929131f54214ca64f5801ea94b720fde27230
- SHA256
  
  eeec646e4ce98b0e3d1637b9c332ae1389ed36502687c2f0fd690151ce788079
- SHA512
  
  505341448a8c708bd00ca289c127cf6f870f93f23cc762ab38b1466b6d8242ec710741e48a675fd937d2ceeef1f804146b0689da61ae0924f7c5f53945ac9ef9
- SSDEEP
  
  6144:Ka8mjmVQcEzGBPoSUmGWMBCpoiJZVE5VskrbU:nXjDc4wPoSnGWMBIoipE52t
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan