smokeloader | e8d22ed359a17df94de5f41a4ec50d31c97cca7064951f069338abcc8bc248bf | Triage

Sharing

General

Target

d32a352a771b6e0f4243cee3d46e30bd_JaffaCakes118
Size

254KB
Sample

240908-a2l36axapc
MD5

d32a352a771b6e0f4243cee3d46e30bd
SHA1

f9e4be6804607542717cc1ec431ea13b9f49c62f
SHA256

e8d22ed359a17df94de5f41a4ec50d31c97cca7064951f069338abcc8bc248bf
SHA512

01ffe10f4e1c9883ad01d766f1083a7329425ac1d416f650313355970d9dc04ba92f1cdefa1510e7ad9d7caba28ba97878a85d1a09036b2b5d5d08c126a3de0d
SSDEEP

6144:Ev8tRGQjyp5dhHOMn/kj0v54CuKFzkaYDwYU:E0rPjyp5bHvm0vO4FgaLY

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  d32a352a771b6e0f4243cee3d46e30bd_JaffaCakes118
- Size
  
  254KB
- MD5
  
  d32a352a771b6e0f4243cee3d46e30bd
- SHA1
  
  f9e4be6804607542717cc1ec431ea13b9f49c62f
- SHA256
  
  e8d22ed359a17df94de5f41a4ec50d31c97cca7064951f069338abcc8bc248bf
- SHA512
  
  01ffe10f4e1c9883ad01d766f1083a7329425ac1d416f650313355970d9dc04ba92f1cdefa1510e7ad9d7caba28ba97878a85d1a09036b2b5d5d08c126a3de0d
- SSDEEP
  
  6144:Ev8tRGQjyp5dhHOMn/kj0v54CuKFzkaYDwYU:E0rPjyp5bHvm0vO4FgaLY
Score

10^/10

smokeloader pub5 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoordiscoverytrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan