smokeloader | fccb6b45a987506075fd368ae627eeca55d9f2fb4d9644007dbe17d1de355ff4 | Triage

Submit
Reports

Overview

overview

Static

static

3

1563a97c91...18.exe

windows7-x64

1563a97c91...18.exe

windows10-2004-x64

Sharing

General

Target

1563a97c910e01d4403535c6af5254e6_JaffaCakes118
Size

112KB
Sample

240627-ktghtavhjr
MD5

1563a97c910e01d4403535c6af5254e6
SHA1

443347929056b7f35b73e0b6034b3cd2586f4d08
SHA256

fccb6b45a987506075fd368ae627eeca55d9f2fb4d9644007dbe17d1de355ff4
SHA512

fe7a624014c11fa8a483df34ad7b15c26dada053abf996502221ccf5fbd499ba7747b697896861e35a0053202dcc03436d7ecbb76a48f666f08ffbccb17639f2
SSDEEP

1536:du4ZCXbG9M1aes/o0KR2ojCgNRU1uXIJ825YBVrjmz+w/bHI6IdZl:dZZCLGO1aN/oxgoGgNRU1hv3XbOd7

Score

10^/10

smokeloader li11 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1563a97c910e01d4403535c6af5254e6_JaffaCakes118.exe

Resource

win7-20240611-en

smokeloader li11 backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

1563a97c910e01d4403535c6af5254e6_JaffaCakes118.exe

Resource

win10v2004-20240508-en

smokeloader li11 backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

li11

Targets

- Target
  
  1563a97c910e01d4403535c6af5254e6_JaffaCakes118
- Size
  
  112KB
- MD5
  
  1563a97c910e01d4403535c6af5254e6
- SHA1
  
  443347929056b7f35b73e0b6034b3cd2586f4d08
- SHA256
  
  fccb6b45a987506075fd368ae627eeca55d9f2fb4d9644007dbe17d1de355ff4
- SHA512
  
  fe7a624014c11fa8a483df34ad7b15c26dada053abf996502221ccf5fbd499ba7747b697896861e35a0053202dcc03436d7ecbb76a48f666f08ffbccb17639f2
- SSDEEP
  
  1536:du4ZCXbG9M1aes/o0KR2ojCgNRU1uXIJ825YBVrjmz+w/bHI6IdZl:dZZCLGO1aN/oxgoGgNRU1hv3XbOd7
Score

10^/10

smokeloader li11 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderli11backdoortrojan

behavioral2

smokeloaderli11backdoortrojan

© 2018-2024

Terms | Privacy