smokeloader | f9addcdeb422d93736dc4f9842636bff9417ce95542adeab79a0cba5c5d4f769 | Triage

Submit
Reports

Overview

overview

Static

static

3

1f622a1e8e...18.exe

windows7-x64

1f622a1e8e...18.exe

windows10-2004-x64

Sharing

General

Target

1f622a1e8ea2dac58321083ee4bf0db5_JaffaCakes118
Size

128KB
Sample

240702-p5qcbaxdjm
MD5

1f622a1e8ea2dac58321083ee4bf0db5
SHA1

2a82e45485f07a258005f0223e88b724389117d2
SHA256

f9addcdeb422d93736dc4f9842636bff9417ce95542adeab79a0cba5c5d4f769
SHA512

62dc6f5637b0bd68e4784ac136e0decca7edc7204153ea7aa267b9960dfadbcf2a02db7068f05abf47c558284affa4f9823c13f0440d549c17b0e55b090771bb
SSDEEP

1536:cGeFPVQOb+vbwBKUHzCJIvdwl0yVqrav17P4VVeW2dWRg0MCLjCK0KZd2F:Gb+vb0KUO2vq+yVq817gVrtMiCK0i8

Score

10^/10

smokeloader ku11 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1f622a1e8ea2dac58321083ee4bf0db5_JaffaCakes118.exe

Resource

win7-20240611-en

smokeloader ku11 backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1f622a1e8ea2dac58321083ee4bf0db5_JaffaCakes118.exe

Resource

win10v2004-20240508-en

smokeloader ku11 backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

ku11

Targets

- Target
  
  1f622a1e8ea2dac58321083ee4bf0db5_JaffaCakes118
- Size
  
  128KB
- MD5
  
  1f622a1e8ea2dac58321083ee4bf0db5
- SHA1
  
  2a82e45485f07a258005f0223e88b724389117d2
- SHA256
  
  f9addcdeb422d93736dc4f9842636bff9417ce95542adeab79a0cba5c5d4f769
- SHA512
  
  62dc6f5637b0bd68e4784ac136e0decca7edc7204153ea7aa267b9960dfadbcf2a02db7068f05abf47c558284affa4f9823c13f0440d549c17b0e55b090771bb
- SSDEEP
  
  1536:cGeFPVQOb+vbwBKUHzCJIvdwl0yVqrav17P4VVeW2dWRg0MCLjCK0KZd2F:Gb+vb0KUO2vq+yVq817gVrtMiCK0i8
Score

10^/10

smokeloader ku11 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderku11backdoortrojan

behavioral2

smokeloaderku11backdoortrojan

© 2018-2024

Terms | Privacy