smokeloader | 84480298736b3a29942f92f86e487dc3caf76447ea16ba4261175d039b998c55 | Triage

Sharing

General

Target

84480298736b3a29942f92f86e487dc3caf76447ea16ba4261175d039b998c55.exe
Size

251KB
Sample

241111-3aaj9syjaw
MD5

568cc4bef20cfdd2abbf05180bf67755
SHA1

fc1c7bbdbfb6e3848bf65f17e61a299cad44274c
SHA256

84480298736b3a29942f92f86e487dc3caf76447ea16ba4261175d039b998c55
SHA512

dbc142b6459c1d1df075c122b1e7dfe7ee872f2726f1404e7ce7a80a23eea53d4f92fc79b8ff63ab3644f4c3016eea2175b5da78ede8d572cfbb8d167f52da28
SSDEEP

3072:eO/w0JkkDmQO7vB5YZzknf/STgRWfI5dp4zulWV:puvY2nf/I6E84

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  84480298736b3a29942f92f86e487dc3caf76447ea16ba4261175d039b998c55.exe
- Size
  
  251KB
- MD5
  
  568cc4bef20cfdd2abbf05180bf67755
- SHA1
  
  fc1c7bbdbfb6e3848bf65f17e61a299cad44274c
- SHA256
  
  84480298736b3a29942f92f86e487dc3caf76447ea16ba4261175d039b998c55
- SHA512
  
  dbc142b6459c1d1df075c122b1e7dfe7ee872f2726f1404e7ce7a80a23eea53d4f92fc79b8ff63ab3644f4c3016eea2175b5da78ede8d572cfbb8d167f52da28
- SSDEEP
  
  3072:eO/w0JkkDmQO7vB5YZzknf/STgRWfI5dp4zulWV:puvY2nf/I6E84
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan