smokeloader | 9913053ba47efd472cb78d5af642b2525a2a173e95598e555aebbd9d8a5f62f0 | Triage

Sharing

General

Target

wdhdref
Size

403KB
Sample

240913-2a487sscrl
MD5

5e7634b31f15921f3edf6dfa0aef28e0
SHA1

51464d65ff828b62d5f90237e4f3b74039ff7a02
SHA256

9913053ba47efd472cb78d5af642b2525a2a173e95598e555aebbd9d8a5f62f0
SHA512

787b0003c08724223eebff94506e200551304a246572bf34056982a3c47a7d899d1d21b010672be306df3520ae90ad17a60fbe4a5da55ea9a7175d65ecbaf541
SSDEEP

6144:ZLLMn4A0lTubbF3jvIpDae9t978L7nx2iSY:ZfM8T0b9r0z9f8JtT

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  wdhdref
- Size
  
  403KB
- MD5
  
  5e7634b31f15921f3edf6dfa0aef28e0
- SHA1
  
  51464d65ff828b62d5f90237e4f3b74039ff7a02
- SHA256
  
  9913053ba47efd472cb78d5af642b2525a2a173e95598e555aebbd9d8a5f62f0
- SHA512
  
  787b0003c08724223eebff94506e200551304a246572bf34056982a3c47a7d899d1d21b010672be306df3520ae90ad17a60fbe4a5da55ea9a7175d65ecbaf541
- SSDEEP
  
  6144:ZLLMn4A0lTubbF3jvIpDae9t978L7nx2iSY:ZfM8T0b9r0z9f8JtT
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan