smokeloader | 23bc5f4a87c1375b4b75c77d2d546a530cc424e553b461e6c9f242320ae956ac | Triage

Sharing

General

Target

23bc5f4a87c1375b4b75c77d2d546a530cc424e553b461e6c9f242320ae956ac
Size

250KB
Sample

240926-x8rzbathkn
MD5

2e98326e9a500976a510f8da7067c266
SHA1

0b46ce2db20ad6bb44b1bca86f20203b07d5edfb
SHA256

23bc5f4a87c1375b4b75c77d2d546a530cc424e553b461e6c9f242320ae956ac
SHA512

8050c9c1c1ac0592841fbfc43a8387f01e71e72200b8e38e126842a3cb22edf3bdadcb57f422a10fbef3030f53f174694899f90b84d98470b020749ead0b056e
SSDEEP

3072:/LcNaUxM/0Jz9rzA7KYd8WR3eTdBDwCcbn5+XVYz3M5CxZ2HVWaej:/LcUoMcHQu4RYdBDZFYc5iYW

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  23bc5f4a87c1375b4b75c77d2d546a530cc424e553b461e6c9f242320ae956ac
- Size
  
  250KB
- MD5
  
  2e98326e9a500976a510f8da7067c266
- SHA1
  
  0b46ce2db20ad6bb44b1bca86f20203b07d5edfb
- SHA256
  
  23bc5f4a87c1375b4b75c77d2d546a530cc424e553b461e6c9f242320ae956ac
- SHA512
  
  8050c9c1c1ac0592841fbfc43a8387f01e71e72200b8e38e126842a3cb22edf3bdadcb57f422a10fbef3030f53f174694899f90b84d98470b020749ead0b056e
- SSDEEP
  
  3072:/LcNaUxM/0Jz9rzA7KYd8WR3eTdBDwCcbn5+XVYz3M5CxZ2HVWaej:/LcUoMcHQu4RYdBDZFYc5iYW
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan