smokeloader | af296d22f5a11156f12eef71c80514783d0f193c5ee4554c554d5b6f9c7f4b48 | Triage

Sharing

General

Target

af296d22f5a11156f12eef71c80514783d0f193c5ee4554c554d5b6f9c7f4b48
Size

161KB
Sample

241107-czra7swjhr
MD5

ff0a814c8324b1e9e21af1f193cccfc1
SHA1

649c36570f4bc3205ea218032f31b68b0af5a416
SHA256

af296d22f5a11156f12eef71c80514783d0f193c5ee4554c554d5b6f9c7f4b48
SHA512

4bf63f51fea68fdda5d22456beef37169ed1d39e441c2c79a53d363710fc73d2019b18c3c57f3629ded4a4d5e83be651dcd0316425085246c30bbc70b143ce4d
SSDEEP

3072:EkRG5Bj77Oxv57fYhYzbXjybC1jDqbe4cY0vFTSaG1IDgX:EkRG5Bj/8v5rYhYfjybsDqq/RyMgX

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  3fcf17a312da09e7d7cb7a69b3575e791de5494420eb99e7bd00f6a63cb40988.exe
- Size
  
  270KB
- MD5
  
  a2a5b77b07d83496073fc3613aa7384f
- SHA1
  
  6dbf458de23eff5b42f43c8c7ac685517ebb0286
- SHA256
  
  3fcf17a312da09e7d7cb7a69b3575e791de5494420eb99e7bd00f6a63cb40988
- SHA512
  
  4cb73542d6621ae23e29c084919d38cc5322693c6d553111a70f7685fc6e3fa6fcf12100bdf012f659a74a977cceef606b5a2851be4d5ff96622f5f63fa20d03
- SSDEEP
  
  3072:RrJQF/YTMuU2y2fAS8vPVC/a6w1H1yTBJazm4fHQcaBeylmhZ:feYHU2zfA31MTDazmoHc+
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan