smokeloader | 13cea9cb7d24d578d0d242f213e3e9d86f4a056b56c24f0c876be2a754d1edcf | Triage

Sharing

General

Target

94bce42dcb8a2f54fd6382c949f763bf_JaffaCakes118
Size

214KB
Sample

241124-pxnthszmbv
MD5

94bce42dcb8a2f54fd6382c949f763bf
SHA1

1e5212db6519277d84a70723cee7ff9fd152cd42
SHA256

13cea9cb7d24d578d0d242f213e3e9d86f4a056b56c24f0c876be2a754d1edcf
SHA512

f50cd25660430f5d00bd3657141e2039f68f6f8a04f9bbfb07a5d3da4596fdf3bbd0b1a373991e9ee219b541e52b24481af538222a122aa7ea23a106ad20eb9a
SSDEEP

3072:KnV2C/m6Z3XGt5TwcptVWT2ScsYh6gSVywo3c+:bC/mE+rW17knGyHM

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  94bce42dcb8a2f54fd6382c949f763bf_JaffaCakes118
- Size
  
  214KB
- MD5
  
  94bce42dcb8a2f54fd6382c949f763bf
- SHA1
  
  1e5212db6519277d84a70723cee7ff9fd152cd42
- SHA256
  
  13cea9cb7d24d578d0d242f213e3e9d86f4a056b56c24f0c876be2a754d1edcf
- SHA512
  
  f50cd25660430f5d00bd3657141e2039f68f6f8a04f9bbfb07a5d3da4596fdf3bbd0b1a373991e9ee219b541e52b24481af538222a122aa7ea23a106ad20eb9a
- SSDEEP
  
  3072:KnV2C/m6Z3XGt5TwcptVWT2ScsYh6gSVywo3c+:bC/mE+rW17knGyHM
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan