smokeloader | baf0e3e41390d7f278cad71c444e242b6de5bed1c40a5d85a0c5f873897d9cdd | Triage

Sharing

General

Target

c268b4747baf79d4a97640240b9843aa_JaffaCakes118
Size

251KB
Sample

240826-gmyxqszeml
MD5

c268b4747baf79d4a97640240b9843aa
SHA1

43f7e0b1a21e51b5152b5df02158838e7beb4c50
SHA256

baf0e3e41390d7f278cad71c444e242b6de5bed1c40a5d85a0c5f873897d9cdd
SHA512

08af29ec1dbb3313620eba685eaf79fad8710a8dcd312a34786dc87e7dc0030baedb56dad0a93b19e7de155dcf88b0378e54220f6d117fa3794f58da7a33b96e
SSDEEP

6144:tk3xOEbCNSL8JhNAo8pq3mSn0zl19pDJO:AxOiCwQqotn0B19b

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  c268b4747baf79d4a97640240b9843aa_JaffaCakes118
- Size
  
  251KB
- MD5
  
  c268b4747baf79d4a97640240b9843aa
- SHA1
  
  43f7e0b1a21e51b5152b5df02158838e7beb4c50
- SHA256
  
  baf0e3e41390d7f278cad71c444e242b6de5bed1c40a5d85a0c5f873897d9cdd
- SHA512
  
  08af29ec1dbb3313620eba685eaf79fad8710a8dcd312a34786dc87e7dc0030baedb56dad0a93b19e7de155dcf88b0378e54220f6d117fa3794f58da7a33b96e
- SSDEEP
  
  6144:tk3xOEbCNSL8JhNAo8pq3mSn0zl19pDJO:AxOiCwQqotn0B19b
Score

10^/10

smokeloader pub5 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoordiscoverytrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan