smokeloader | faea567549b8075a1648896d6c2b07b3702cfbf8a7a062d9a22d03d4995c632c | Triage

Sharing

General

Target

f456a74ffabc1914201ac11a5a762746_JaffaCakes118
Size

111KB
Sample

240924-x2vfvsteqc
MD5

f456a74ffabc1914201ac11a5a762746
SHA1

ac01e6f45bf5547b8010e464e374f1dcecbb1836
SHA256

faea567549b8075a1648896d6c2b07b3702cfbf8a7a062d9a22d03d4995c632c
SHA512

0b75b714edb63c39246391b017a0c8770c1b7da18ae0539447ce679d2f1acae0db113bfea957fc08bdf84408f13bb04dc64a6ffb8cef0f67af6fda67e2971c57
SSDEEP

1536:Cz11NQ+YOt5BAkT7xWCsxx523Wz0eLDUJt2cZRCuMnKTGRitQZ:U11smfgEqhPcZRVMKTGRit

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  f456a74ffabc1914201ac11a5a762746_JaffaCakes118
- Size
  
  111KB
- MD5
  
  f456a74ffabc1914201ac11a5a762746
- SHA1
  
  ac01e6f45bf5547b8010e464e374f1dcecbb1836
- SHA256
  
  faea567549b8075a1648896d6c2b07b3702cfbf8a7a062d9a22d03d4995c632c
- SHA512
  
  0b75b714edb63c39246391b017a0c8770c1b7da18ae0539447ce679d2f1acae0db113bfea957fc08bdf84408f13bb04dc64a6ffb8cef0f67af6fda67e2971c57
- SSDEEP
  
  1536:Cz11NQ+YOt5BAkT7xWCsxx523Wz0eLDUJt2cZRCuMnKTGRitQZ:U11smfgEqhPcZRVMKTGRit
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan