smokeloader | 4d85956c0c7b55231be235e43f09c05fc60f8d0aecd0bc3d3a7458c52da02fc5 | Triage

Sharing

General

Target

11e71708998097c56aae705199eb090f_JaffaCakes118
Size

311KB
Sample

241004-fgfcrszalb
MD5

11e71708998097c56aae705199eb090f
SHA1

46187256575e13c0ab5f197081853e30c5ea2092
SHA256

4d85956c0c7b55231be235e43f09c05fc60f8d0aecd0bc3d3a7458c52da02fc5
SHA512

a805435baa6c8d44e36a8f67baca8eba5c90fc4605c4f9696c255a171c3a77b275cb3cd4f439714bb94eb4d22c54bbcd90895dfdf29106e2fbe155efca89dbd6
SSDEEP

6144:jAXBLND0+Hbkbi8RJeR4eHt8ZkZyCdURMNBQj6C8:EL5l7kbi8RJG/t8ZkdV48

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  11e71708998097c56aae705199eb090f_JaffaCakes118
- Size
  
  311KB
- MD5
  
  11e71708998097c56aae705199eb090f
- SHA1
  
  46187256575e13c0ab5f197081853e30c5ea2092
- SHA256
  
  4d85956c0c7b55231be235e43f09c05fc60f8d0aecd0bc3d3a7458c52da02fc5
- SHA512
  
  a805435baa6c8d44e36a8f67baca8eba5c90fc4605c4f9696c255a171c3a77b275cb3cd4f439714bb94eb4d22c54bbcd90895dfdf29106e2fbe155efca89dbd6
- SSDEEP
  
  6144:jAXBLND0+Hbkbi8RJeR4eHt8ZkZyCdURMNBQj6C8:EL5l7kbi8RJG/t8ZkdV48
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan