smokeloader | 7428c026b3b24e00b4ddf1fa0468813fc1deba7520dc55d03e33ec61bf6c5f2a | Triage

Sharing

General

Target

7428c026b3b24e00b4ddf1fa0468813fc1deba7520dc55d03e33ec61bf6c5f2a
Size

175KB
Sample

241108-lcdk9szema
MD5

550b4e6afea258acc98528df35aecab3
SHA1

99dd913ee68eeea47fc824c2dd256c9d9d0270a5
SHA256

7428c026b3b24e00b4ddf1fa0468813fc1deba7520dc55d03e33ec61bf6c5f2a
SHA512

09004403fe5388b5b53fe74a90937a8b3902ba8d6ee5949b91d6ce48f52e1d2a5acc7aa29855c2d76c16da0638448b1c88547273865e3f3284ceede523c52f64
SSDEEP

3072:Zn0SZWn19/a4vhYTKqbwegRX7cJqkYbjvujXgodtldWYAkCUBYq/q4LPvJ2wInH:Nw19/oTKizgRX4sL/vAXWvkJBYqSCXJi

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  9a03353f33056e104624269ac6c93c2f10e46a6e5bfb62ad4540efefd2fb13a2.exe
- Size
  
  295KB
- MD5
  
  3d453a7b5957aebacd9c6bf4c05d8908
- SHA1
  
  3143bf00c4177cf9fe8ee42068be61322349bf47
- SHA256
  
  9a03353f33056e104624269ac6c93c2f10e46a6e5bfb62ad4540efefd2fb13a2
- SHA512
  
  e3915826b1ddeaaaebe05ab6e956a0b12c4368d3e8d32c873cd132710c484b4ce890aad9d8088f87a5f633a2670af87437b60cd727424110b85966dd2e1a0233
- SSDEEP
  
  3072:ab8g0lq8/wkbXNeUv1uO9WonD0PLJl6zZ6+MwOGxTDkaslmc2toiDTNg:csqSpXNP1uhlwFMwV1DkwtDDTO
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan