smokeloader

General

Target

78375b849e08715aa936026378f5144f_JaffaCakes118
Size

311KB
Sample

240401-xyntxade78
MD5

78375b849e08715aa936026378f5144f
SHA1

93486ee3e98897bcf8bc0707797ee2ad3a027690
SHA256

f0232cb85baaa1c6a56dbdad622acf2288dfa667e2506975289de339291b0962
SHA512

09af05bcecdd85e1e4c1f7142188bd4ef065502621fcc4c0e5955b620fafe6423285a48a67f8a9b16db5ae2916a22d759d5b581d02d3115780d62f4d87b885ae
SSDEEP

6144:cmyjjewKCvCl2Qvh9Yypl/cTab6Gh+Nt8T:byjj+C22Qpxpl9b6GM

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Extracted

Family

smokeloader

Version

2020

C2

http://bostoc.com/upload/

http://qianyoupj.cn/upload/

http://sleoppen.com/upload/

http://stempelbeton.at/upload/

rc4.i32

Targets

- Target
  
  78375b849e08715aa936026378f5144f_JaffaCakes118
- Size
  
  311KB
- MD5
  
  78375b849e08715aa936026378f5144f
- SHA1
  
  93486ee3e98897bcf8bc0707797ee2ad3a027690
- SHA256
  
  f0232cb85baaa1c6a56dbdad622acf2288dfa667e2506975289de339291b0962
- SHA512
  
  09af05bcecdd85e1e4c1f7142188bd4ef065502621fcc4c0e5955b620fafe6423285a48a67f8a9b16db5ae2916a22d759d5b581d02d3115780d62f4d87b885ae
- SSDEEP
  
  6144:cmyjjewKCvCl2Qvh9Yypl/cTab6Gh+Nt8T:byjj+C22Qpxpl9b6GM
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Deletes itself

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2