smokeloader | 90d3dfef1cc0e74c65f9597e3a110185994afb753b23d3b42cfe77e3d36fadcf | Triage

Sharing

General

Target

fagwgje
Size

231KB
Sample

240914-ayjhvsxfnl
MD5

c50c50adc333e35cd41028fe767b0b27
SHA1

05c8ebb55fd5f573ffbfd4419ce1335305cf07f2
SHA256

90d3dfef1cc0e74c65f9597e3a110185994afb753b23d3b42cfe77e3d36fadcf
SHA512

67710cff3637673d387c8db07228e9c5a35212bb2f7bb23fe37f66890aada371f8f986adde0c50b80f882a2a4af01b6157d92412282c9c13b012d0360cc01b38
SSDEEP

3072:ZaAydvFfb2JUIhmx/BuI1N3GDvIjMKIj/GAanG:Q5vFfbCUmmx/BuuyRj/GTn

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  fagwgje
- Size
  
  231KB
- MD5
  
  c50c50adc333e35cd41028fe767b0b27
- SHA1
  
  05c8ebb55fd5f573ffbfd4419ce1335305cf07f2
- SHA256
  
  90d3dfef1cc0e74c65f9597e3a110185994afb753b23d3b42cfe77e3d36fadcf
- SHA512
  
  67710cff3637673d387c8db07228e9c5a35212bb2f7bb23fe37f66890aada371f8f986adde0c50b80f882a2a4af01b6157d92412282c9c13b012d0360cc01b38
- SSDEEP
  
  3072:ZaAydvFfb2JUIhmx/BuI1N3GDvIjMKIj/GAanG:Q5vFfbCUmmx/BuuyRj/GTn
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan