smokeloader | c14249a11b4cc3553c95be299efe8de1ceee15d19adbbff88cc0f8af8e952a72 | Triage

Sharing

General

Target

2336-2-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

241028-11aa3syape
MD5

0d71f93220f5d767ae4ed05c0a756988
SHA1

164794ab6f1a1c739821606b7385833bdafbb141
SHA256

c14249a11b4cc3553c95be299efe8de1ceee15d19adbbff88cc0f8af8e952a72
SHA512

1c5022eaa4bc129edf5087ae0638e68e28d6335954a08d7deae9c3d9f4100db16e3420dba9cc935ad0d1358516305a9caed95d72f875e82bbed2086eb72061fc
SSDEEP

768:RR8yqBqJTIH50gUSW9uM7/953mpdH5Yvos0tdB80Z1srmN:r8PePTftV53uV5Ygs0TBymN

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  2336-2-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  0d71f93220f5d767ae4ed05c0a756988
- SHA1
  
  164794ab6f1a1c739821606b7385833bdafbb141
- SHA256
  
  c14249a11b4cc3553c95be299efe8de1ceee15d19adbbff88cc0f8af8e952a72
- SHA512
  
  1c5022eaa4bc129edf5087ae0638e68e28d6335954a08d7deae9c3d9f4100db16e3420dba9cc935ad0d1358516305a9caed95d72f875e82bbed2086eb72061fc
- SSDEEP
  
  768:RR8yqBqJTIH50gUSW9uM7/953mpdH5Yvos0tdB80Z1srmN:r8PePTftV53uV5Ygs0TBymN
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pub4smokeloader

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan