smokeloader | d757e8ca16f00f7d560e40a2b0a9bd59ff5b444ad58c5f2cf4e7fd7323df0ffa | Triage

Sharing

General

Target

d757e8ca16f00f7d560e40a2b0a9bd59ff5b444ad58c5f2cf4e7fd7323df0ffa.exe
Size

284KB
Sample

241103-ejrm5svbrn
MD5

4ece0a67cb1620acfa833920476d2f97
SHA1

eecd9fc0169bfbd680cbad3e28f920ee6f60255a
SHA256

d757e8ca16f00f7d560e40a2b0a9bd59ff5b444ad58c5f2cf4e7fd7323df0ffa
SHA512

14aa21428c26b49cdd7f169fcf39c621fb11e220ccc7928a84290fbd2ffb970cb1b6c47029abc4d40ae53a740cad75fd7c2772332594b39fd9b9de61afde04da
SSDEEP

3072:jv92efdPiWeJEX1wduLW265uC5/xY+6GwKYEtWV/487MWhTg6gvJ:z9PfxiWd1B2Y+X0fV/oWOv

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  d757e8ca16f00f7d560e40a2b0a9bd59ff5b444ad58c5f2cf4e7fd7323df0ffa.exe
- Size
  
  284KB
- MD5
  
  4ece0a67cb1620acfa833920476d2f97
- SHA1
  
  eecd9fc0169bfbd680cbad3e28f920ee6f60255a
- SHA256
  
  d757e8ca16f00f7d560e40a2b0a9bd59ff5b444ad58c5f2cf4e7fd7323df0ffa
- SHA512
  
  14aa21428c26b49cdd7f169fcf39c621fb11e220ccc7928a84290fbd2ffb970cb1b6c47029abc4d40ae53a740cad75fd7c2772332594b39fd9b9de61afde04da
- SSDEEP
  
  3072:jv92efdPiWeJEX1wduLW265uC5/xY+6GwKYEtWV/487MWhTg6gvJ:z9PfxiWd1B2Y+X0fV/oWOv
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan