smokeloader | 398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701 | Triage

Sharing

General

Target

398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701
Size

285KB
Sample

240825-zqs5rswdmj
MD5

579490a130cb54ce7bc1db31e73286fb
SHA1

fc89cf89461fc7fb5a73060058588d71bf29fb34
SHA256

398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701
SHA512

7e2b97f3eddbc31f0786cf7411a4d2d90a7df2c7dece487b325e55e3f385effc4729fe23318a5ced8d123f82e0dc772b98b062b1629f8a71e480111068386886
SSDEEP

6144:4bwZSj6j6lNJ5tw3URj2A8GVDGbww5aOHZA7lSV61EOb7:MGSj6rGVDMkOHe7tN

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701
- Size
  
  285KB
- MD5
  
  579490a130cb54ce7bc1db31e73286fb
- SHA1
  
  fc89cf89461fc7fb5a73060058588d71bf29fb34
- SHA256
  
  398130cee11748aa4a8dbf484fa4c4456746267d0756146555085f90541b5701
- SHA512
  
  7e2b97f3eddbc31f0786cf7411a4d2d90a7df2c7dece487b325e55e3f385effc4729fe23318a5ced8d123f82e0dc772b98b062b1629f8a71e480111068386886
- SSDEEP
  
  6144:4bwZSj6j6lNJ5tw3URj2A8GVDGbww5aOHZA7lSV61EOb7:MGSj6rGVDMkOHe7tN
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan