smokeloader | 0b9d3f694c27f7fc90baf9858b32e84d400cd96ef6c1a16f32343b3f580907fd | Triage

Sharing

General

Target

0b9d3f694c27f7fc90baf9858b32e84d400cd96ef6c1a16f32343b3f580907fdN
Size

414KB
Sample

241004-aq38asybng
MD5

47020c00ea3c5051297776a861acf270
SHA1

c797581e7b71775c315efb2cae0aa1d15bec5e31
SHA256

0b9d3f694c27f7fc90baf9858b32e84d400cd96ef6c1a16f32343b3f580907fd
SHA512

fdfbd3a2f83ea357db203530ce3300fdf55e90784e1ca0ec91b6e3716eeef3be2d8bb43f5c50af704ca9744b1953188df2bdb7130666347e869eed7e24721d7d
SSDEEP

6144:IMyi7GPGv9ei2MDoIIwzDapOQx/0X7XnZQ7/u+Iha6F6:bFvki2MDoIIwyZB/u+9

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  0b9d3f694c27f7fc90baf9858b32e84d400cd96ef6c1a16f32343b3f580907fdN
- Size
  
  414KB
- MD5
  
  47020c00ea3c5051297776a861acf270
- SHA1
  
  c797581e7b71775c315efb2cae0aa1d15bec5e31
- SHA256
  
  0b9d3f694c27f7fc90baf9858b32e84d400cd96ef6c1a16f32343b3f580907fd
- SHA512
  
  fdfbd3a2f83ea357db203530ce3300fdf55e90784e1ca0ec91b6e3716eeef3be2d8bb43f5c50af704ca9744b1953188df2bdb7130666347e869eed7e24721d7d
- SSDEEP
  
  6144:IMyi7GPGv9ei2MDoIIwzDapOQx/0X7XnZQ7/u+Iha6F6:bFvki2MDoIIwyZB/u+9
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan