smokeloader | e5abb3371787fbc9567867a1304cc18624134417480ee5d8d1e4f1d4368cb114 | Triage

Sharing

General

Target

e5abb3371787fbc9567867a1304cc18624134417480ee5d8d1e4f1d4368cb114N
Size

249KB
Sample

241027-nje4saxhkq
MD5

32780be68011901e126753d4f213a3c0
SHA1

0dbe799680837608e04c48b722e66ad00a447ad1
SHA256

e5abb3371787fbc9567867a1304cc18624134417480ee5d8d1e4f1d4368cb114
SHA512

3984db75a07e085978b13ac0ead03d6537c7f5ffd938b631e6ce66c042c0aa8ee5d3b0085fa113e50460cba1492928b72d22fca3f2c8e2b5bbc3a94fb4f2d325
SSDEEP

3072:o8LCNar8Hab17xdumIVDQDFmJ+RAU5JXVYz3M5PTsxZ2HVWaej:o8LCUgHmhIVU4JknFYc5PkYW

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  e5abb3371787fbc9567867a1304cc18624134417480ee5d8d1e4f1d4368cb114N
- Size
  
  249KB
- MD5
  
  32780be68011901e126753d4f213a3c0
- SHA1
  
  0dbe799680837608e04c48b722e66ad00a447ad1
- SHA256
  
  e5abb3371787fbc9567867a1304cc18624134417480ee5d8d1e4f1d4368cb114
- SHA512
  
  3984db75a07e085978b13ac0ead03d6537c7f5ffd938b631e6ce66c042c0aa8ee5d3b0085fa113e50460cba1492928b72d22fca3f2c8e2b5bbc3a94fb4f2d325
- SSDEEP
  
  3072:o8LCNar8Hab17xdumIVDQDFmJ+RAU5JXVYz3M5PTsxZ2HVWaej:o8LCUgHmhIVU4JknFYc5PkYW
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan