smokeloader

General

Target

efc4a99e2e08a0ee43f05a0035014dd0_JaffaCakes118
Size

330KB
Sample

240414-3jewcabd7y
MD5

efc4a99e2e08a0ee43f05a0035014dd0
SHA1

02425eb096c5662a17281074e7369b19bac9602c
SHA256

5606d6363b9d8dec0cf41209c6327223e2bb7ce9ab54d8dfa7f61c105ffe68cf
SHA512

740aa4a0dd4668275e8c88efcb251f10a6a15ce0bcb364dc08ed293ecbdd79a89e6eb07259d51f83357a2dc7c47bc95014686805cd5b695d7872793a4abf7f9b
SSDEEP

6144:5OjsuVfy7rVKlDjHt22fQhmPWo4aW1H5rFBX2DcyJVxjrAqHJJT:lify/4DjN2Xhmei4Hd3scmJMKJJ

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Extracted

Family

smokeloader

Version

2020

C2

http://conceitosseg.com/upload/

http://integrasidata.com/upload/

http://ozentekstil.com/upload/

http://finbelportal.com/upload/

http://telanganadigital.com/upload/

rc4.i32

Targets

- Target
  
  efc4a99e2e08a0ee43f05a0035014dd0_JaffaCakes118
- Size
  
  330KB
- MD5
  
  efc4a99e2e08a0ee43f05a0035014dd0
- SHA1
  
  02425eb096c5662a17281074e7369b19bac9602c
- SHA256
  
  5606d6363b9d8dec0cf41209c6327223e2bb7ce9ab54d8dfa7f61c105ffe68cf
- SHA512
  
  740aa4a0dd4668275e8c88efcb251f10a6a15ce0bcb364dc08ed293ecbdd79a89e6eb07259d51f83357a2dc7c47bc95014686805cd5b695d7872793a4abf7f9b
- SSDEEP
  
  6144:5OjsuVfy7rVKlDjHt22fQhmPWo4aW1H5rFBX2DcyJVxjrAqHJJT:lify/4DjN2Xhmei4Hd3scmJMKJJ
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

Peripheral Device Discovery

1

T1120

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Deletes itself

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2