smokeloader | 8215415ca9653cbcee816400fb19ecd9299d88b54301e94809cc438f83993109 | Triage

Submit
Reports

Overview

overview

Static

static

3

1c53c6794e...18.exe

windows7-x64

1c53c6794e...18.exe

windows10-2004-x64

Sharing

General

Target

1c53c6794ef9cbcc5feca6c3bfb416fe_JaffaCakes118
Size

154KB
Sample

240701-ytr67swhrb
MD5

1c53c6794ef9cbcc5feca6c3bfb416fe
SHA1

016305a3e07f0f465379b73f87b13d5bf8cdd4a8
SHA256

8215415ca9653cbcee816400fb19ecd9299d88b54301e94809cc438f83993109
SHA512

0ca3cba1bbe9ae17f67dcf3de5469b0f98d99964da7d485c2c6098fb2d38143ddbc521889d52b5164bb10f2858660fef7fd6976c273126faf1f67703fa4bda0a
SSDEEP

1536:XOWdigBKUHdE1X8SJk/PZmGwsfnlTAVZKCJvTinnUwShrJp0gNPF4b1/sGi703DO:+WdzKU9ks2sdAVZTZEShHu9W70TSsZ

Score

10^/10

smokeloader ku11 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1c53c6794ef9cbcc5feca6c3bfb416fe_JaffaCakes118.exe

Resource

win7-20240508-en

smokeloader ku11 backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

1c53c6794ef9cbcc5feca6c3bfb416fe_JaffaCakes118.exe

Resource

win10v2004-20240508-en

smokeloader ku11 backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

ku11

Targets

- Target
  
  1c53c6794ef9cbcc5feca6c3bfb416fe_JaffaCakes118
- Size
  
  154KB
- MD5
  
  1c53c6794ef9cbcc5feca6c3bfb416fe
- SHA1
  
  016305a3e07f0f465379b73f87b13d5bf8cdd4a8
- SHA256
  
  8215415ca9653cbcee816400fb19ecd9299d88b54301e94809cc438f83993109
- SHA512
  
  0ca3cba1bbe9ae17f67dcf3de5469b0f98d99964da7d485c2c6098fb2d38143ddbc521889d52b5164bb10f2858660fef7fd6976c273126faf1f67703fa4bda0a
- SSDEEP
  
  1536:XOWdigBKUHdE1X8SJk/PZmGwsfnlTAVZKCJvTinnUwShrJp0gNPF4b1/sGi703DO:+WdzKU9ks2sdAVZTZEShHu9W70TSsZ
Score

10^/10

smokeloader ku11 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderku11backdoortrojan

behavioral2

smokeloaderku11backdoortrojan

© 2018-2024

Terms | Privacy