smokeloader | a9c80fcb24dc9e32be9b5cc6a268de0e8a234f55fb8ecd723739a401f51095b2 | Triage

Sharing

General

Target

902b1a756dc83cb7e76dd10b96745dcc_JaffaCakes118
Size

312KB
Sample

241123-xxvwtsxrgk
MD5

902b1a756dc83cb7e76dd10b96745dcc
SHA1

9f297f102a93735092743c9065c4a8d062af2be9
SHA256

a9c80fcb24dc9e32be9b5cc6a268de0e8a234f55fb8ecd723739a401f51095b2
SHA512

e6599954e149c510f64589c6fb635196f2fbfa4b9f5278e3223a0f754bdf32cd5e45ef4ba0971e605be3408dfb9cb1137c044478cba9487a9236e6da341ff59b
SSDEEP

6144:l91hvpYyxTjl1+mMgNxkg69+divux2rm2BVooJHKZ:Dvp3VCmMgNr6Qd0rrfVdKZ

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  902b1a756dc83cb7e76dd10b96745dcc_JaffaCakes118
- Size
  
  312KB
- MD5
  
  902b1a756dc83cb7e76dd10b96745dcc
- SHA1
  
  9f297f102a93735092743c9065c4a8d062af2be9
- SHA256
  
  a9c80fcb24dc9e32be9b5cc6a268de0e8a234f55fb8ecd723739a401f51095b2
- SHA512
  
  e6599954e149c510f64589c6fb635196f2fbfa4b9f5278e3223a0f754bdf32cd5e45ef4ba0971e605be3408dfb9cb1137c044478cba9487a9236e6da341ff59b
- SSDEEP
  
  6144:l91hvpYyxTjl1+mMgNxkg69+divux2rm2BVooJHKZ:Dvp3VCmMgNr6Qd0rrfVdKZ
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan