smokeloader | 729060a7564199dada409dc71ad68816272e654c33b34af3a358cee0fac65ada | Triage

Submit
Reports

Overview

overview

Static

static

3

1d2ae9e1d2...18.exe

windows7-x64

1d2ae9e1d2...18.exe

windows10-2004-x64

Sharing

General

Target

1d2ae9e1d25e9b8acb5d03d0c580e964_JaffaCakes118
Size

143KB
Sample

240702-a67westepp
MD5

1d2ae9e1d25e9b8acb5d03d0c580e964
SHA1

27c4c6b54f2243a446d4bbd22f5378b9e34890a9
SHA256

729060a7564199dada409dc71ad68816272e654c33b34af3a358cee0fac65ada
SHA512

a6f0a3b48f10b92978e0c4bceed636bb2216f2a28b5aa1af2cead72bb1488064fa5442de0a6cb6cedfa6278bfff9b013e91cf7905fff84e25203ab9efa73e071
SSDEEP

3072:/j+oq7G7hysFIoaWu68m1PXUFhIUR3ZjlpK/sP/R5+:/LhyG6WXZPeIWjEqZ5+

Score

10^/10

smokeloader ku11 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1d2ae9e1d25e9b8acb5d03d0c580e964_JaffaCakes118.exe

Resource

win7-20240611-en

smokeloader ku11 backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1d2ae9e1d25e9b8acb5d03d0c580e964_JaffaCakes118.exe

Resource

win10v2004-20240508-en

smokeloader ku11 backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

ku11

Targets

- Target
  
  1d2ae9e1d25e9b8acb5d03d0c580e964_JaffaCakes118
- Size
  
  143KB
- MD5
  
  1d2ae9e1d25e9b8acb5d03d0c580e964
- SHA1
  
  27c4c6b54f2243a446d4bbd22f5378b9e34890a9
- SHA256
  
  729060a7564199dada409dc71ad68816272e654c33b34af3a358cee0fac65ada
- SHA512
  
  a6f0a3b48f10b92978e0c4bceed636bb2216f2a28b5aa1af2cead72bb1488064fa5442de0a6cb6cedfa6278bfff9b013e91cf7905fff84e25203ab9efa73e071
- SSDEEP
  
  3072:/j+oq7G7hysFIoaWu68m1PXUFhIUR3ZjlpK/sP/R5+:/LhyG6WXZPeIWjEqZ5+
Score

10^/10

smokeloader ku11 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderku11backdoortrojan

behavioral2

smokeloaderku11backdoortrojan

© 2018-2024

Terms | Privacy