smokeloader | 2e60745315889d95ce4121ed41af14ac33337218c701d236a9a463754bb5bca5 | Triage

Submit
Reports

Overview

overview

Static

static

3

172a2e4828...18.exe

windows7-x64

172a2e4828...18.exe

windows10-2004-x64

Sharing

General

Target

172a2e482842f20094b2ba32237021ea_JaffaCakes118
Size

134KB
Sample

240627-xpvk4avhpg
MD5

172a2e482842f20094b2ba32237021ea
SHA1

376c3901dfa7465d483d894ddc685f65ea7dedc1
SHA256

2e60745315889d95ce4121ed41af14ac33337218c701d236a9a463754bb5bca5
SHA512

7e71848d5d60713b5685a90264aece8bdb4bcc02e23930cb72e135213c52be638a531970531fea446b75d0ae1c6904f8eedc51a6fd5b76062043b18f60db7cc7
SSDEEP

3072:wQ1nyrQwd5G2E3px3wNGrJRW2jSMBCaqnbeLJXd3:wQ1nunsrR2WCaqbeNJ

Score

10^/10

smokeloader li11 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

172a2e482842f20094b2ba32237021ea_JaffaCakes118.exe

Resource

win7-20240419-en

smokeloader li11 backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

172a2e482842f20094b2ba32237021ea_JaffaCakes118.exe

Resource

win10v2004-20240611-en

smokeloader li11 backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

li11

Targets

- Target
  
  172a2e482842f20094b2ba32237021ea_JaffaCakes118
- Size
  
  134KB
- MD5
  
  172a2e482842f20094b2ba32237021ea
- SHA1
  
  376c3901dfa7465d483d894ddc685f65ea7dedc1
- SHA256
  
  2e60745315889d95ce4121ed41af14ac33337218c701d236a9a463754bb5bca5
- SHA512
  
  7e71848d5d60713b5685a90264aece8bdb4bcc02e23930cb72e135213c52be638a531970531fea446b75d0ae1c6904f8eedc51a6fd5b76062043b18f60db7cc7
- SSDEEP
  
  3072:wQ1nyrQwd5G2E3px3wNGrJRW2jSMBCaqnbeLJXd3:wQ1nunsrR2WCaqbeNJ
Score

10^/10

smokeloader li11 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderli11backdoortrojan

behavioral2

smokeloaderli11backdoortrojan

© 2018-2024

Terms | Privacy