smokeloader | 475a1194bf004df0c0af3c150e21b264285c1912054756e0d2751dfbb80b45cd | Triage

Submit
Reports

Overview

overview

Static

static

3

11de658ef2...18.exe

windows7-x64

11de658ef2...18.exe

windows10-2004-x64

Sharing

General

Target

11de658ef262fbc43703de74192456af_JaffaCakes118
Size

157KB
Sample

240626-nr43wawbmj
MD5

11de658ef262fbc43703de74192456af
SHA1

ba1b7b96fe9f9107ce50107e6f0d32015d3763a6
SHA256

475a1194bf004df0c0af3c150e21b264285c1912054756e0d2751dfbb80b45cd
SHA512

0adaa42f0f3dc5f985dbb1f9b1b3ce58b8cde7d86b134c4659879879a8252084e4b5461c5ed0bf2de869e8757e0c7c20b79a308341786c3eeacd687b510bdb31
SSDEEP

3072:NcWtgtdyyOVdcK3ZkeXr7C4HUDyWGI+hrqoWHMCK7dzw7OI:NfqtdyP3pTXi4CyRhW1sCK7h

Score

10^/10

smokeloader li11 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

11de658ef262fbc43703de74192456af_JaffaCakes118.exe

Resource

win7-20240508-en

smokeloader li11 backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

11de658ef262fbc43703de74192456af_JaffaCakes118.exe

Resource

win10v2004-20240611-en

smokeloader li11 backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

li11

Targets

- Target
  
  11de658ef262fbc43703de74192456af_JaffaCakes118
- Size
  
  157KB
- MD5
  
  11de658ef262fbc43703de74192456af
- SHA1
  
  ba1b7b96fe9f9107ce50107e6f0d32015d3763a6
- SHA256
  
  475a1194bf004df0c0af3c150e21b264285c1912054756e0d2751dfbb80b45cd
- SHA512
  
  0adaa42f0f3dc5f985dbb1f9b1b3ce58b8cde7d86b134c4659879879a8252084e4b5461c5ed0bf2de869e8757e0c7c20b79a308341786c3eeacd687b510bdb31
- SSDEEP
  
  3072:NcWtgtdyyOVdcK3ZkeXr7C4HUDyWGI+hrqoWHMCK7dzw7OI:NfqtdyP3pTXi4CyRhW1sCK7h
Score

10^/10

smokeloader li11 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderli11backdoortrojan

behavioral2

smokeloaderli11backdoortrojan

© 2018-2024

Terms | Privacy