smokeloader | cbe7fc2d9ae174b4c2c9c8a6b03870f0c721d32d468eee3761d375be56c1b8ac | Triage

Sharing

General

Target

cbe7fc2d9ae174b4c2c9c8a6b03870f0c721d32d468eee3761d375be56c1b8ac
Size

233KB
Sample

240525-13j83acb8y
MD5

5faf74f1d64eb617d0aee4aaf3746f12
SHA1

562a10230e0b96a1dcc9c848a2afca766e38bf75
SHA256

cbe7fc2d9ae174b4c2c9c8a6b03870f0c721d32d468eee3761d375be56c1b8ac
SHA512

86e9bab1d6ce26c95473a29fbe9e777cda568ba4e2e3c450214123f1e7699ec63aaadcd3b323b2e196176e4f4f9ecad4eb551d4b48c9b84f3e4b853dfd56d3df
SSDEEP

3072:XMyBkI+eqyQrskQ/COQSH+45lSgnPGcf6Fcx2YcwB8vAapMkTMCMC7TiHY:5uCbQQk2nQ0dnusNxpJBtkTQkT

Score

10^/10

smokeloader pub4 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  cbe7fc2d9ae174b4c2c9c8a6b03870f0c721d32d468eee3761d375be56c1b8ac
- Size
  
  233KB
- MD5
  
  5faf74f1d64eb617d0aee4aaf3746f12
- SHA1
  
  562a10230e0b96a1dcc9c848a2afca766e38bf75
- SHA256
  
  cbe7fc2d9ae174b4c2c9c8a6b03870f0c721d32d468eee3761d375be56c1b8ac
- SHA512
  
  86e9bab1d6ce26c95473a29fbe9e777cda568ba4e2e3c450214123f1e7699ec63aaadcd3b323b2e196176e4f4f9ecad4eb551d4b48c9b84f3e4b853dfd56d3df
- SSDEEP
  
  3072:XMyBkI+eqyQrskQ/COQSH+45lSgnPGcf6Fcx2YcwB8vAapMkTMCMC7TiHY:5uCbQQk2nQ0dnusNxpJBtkTQkT
Score

10^/10

smokeloader pub4 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoortrojan