smokeloader | 56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca | Triage

Sharing

General

Target

56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca
Size

286KB
Sample

240924-j8xmxaxckr
MD5

c0055a567dc53196f0c7c418ac7d2700
SHA1

d2ff7cd6625129fc7fce57b2871e224f03227606
SHA256

56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca
SHA512

d5893764a245bf93cec1139bd6808a6754e8ebd5fcc97b5d4ad80d2e1d7c455c1998a1fa470d0f91326fa106b25bd88499712f0604c117b592dda644040c78de
SSDEEP

6144:yxcLCrWDWGNXv7qZBiq10MRkRpR3OG/WmCcNH:jLWWDonkh3d

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca
- Size
  
  286KB
- MD5
  
  c0055a567dc53196f0c7c418ac7d2700
- SHA1
  
  d2ff7cd6625129fc7fce57b2871e224f03227606
- SHA256
  
  56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca
- SHA512
  
  d5893764a245bf93cec1139bd6808a6754e8ebd5fcc97b5d4ad80d2e1d7c455c1998a1fa470d0f91326fa106b25bd88499712f0604c117b592dda644040c78de
- SSDEEP
  
  6144:yxcLCrWDWGNXv7qZBiq10MRkRpR3OG/WmCcNH:jLWWDonkh3d
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan