smokeloader | c7839db336f11c965ab8e6fbad1a6c757711a24362cc20d63d4ce37aef9b83b1 | Triage

Sharing

General

Target

824d24a67584afaf1815b6599856a62d_JaffaCakes118
Size

304KB
Sample

241031-jgfkbavpbl
MD5

824d24a67584afaf1815b6599856a62d
SHA1

b3de9fd8aa584cb3cf06797aaa8a914b9ac40a36
SHA256

c7839db336f11c965ab8e6fbad1a6c757711a24362cc20d63d4ce37aef9b83b1
SHA512

ea388126073a3b9fa5ff857f2f62f80dba6dd844c4607b276dd427e03122240b96bdb8a83cd3f77405621f2b46ec424e50b70d521eff8b9ab150d1272bcd63cf
SSDEEP

6144:eBOqcNSXp3D5Sc0sMiuxpi/WNxqEI3tXBRCgxe6fbm:Ac4Xp3DgVsMi+NxOzR3e6fa

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  824d24a67584afaf1815b6599856a62d_JaffaCakes118
- Size
  
  304KB
- MD5
  
  824d24a67584afaf1815b6599856a62d
- SHA1
  
  b3de9fd8aa584cb3cf06797aaa8a914b9ac40a36
- SHA256
  
  c7839db336f11c965ab8e6fbad1a6c757711a24362cc20d63d4ce37aef9b83b1
- SHA512
  
  ea388126073a3b9fa5ff857f2f62f80dba6dd844c4607b276dd427e03122240b96bdb8a83cd3f77405621f2b46ec424e50b70d521eff8b9ab150d1272bcd63cf
- SSDEEP
  
  6144:eBOqcNSXp3D5Sc0sMiuxpi/WNxqEI3tXBRCgxe6fbm:Ac4Xp3DgVsMi+NxOzR3e6fa
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan