smokeloader | 1d76266267ca27570b9cfb6f2a84b80ef607e9450d475eabad2e630cfbd77b7e | Triage

Sharing

General

Target

afd773ef3ce2e9eee5c74123d8501c3c_JaffaCakes118
Size

271KB
Sample

241129-jnk4dayqgn
MD5

afd773ef3ce2e9eee5c74123d8501c3c
SHA1

a9d6c12253ad78b9b6aa41493114ced263ac1ba8
SHA256

1d76266267ca27570b9cfb6f2a84b80ef607e9450d475eabad2e630cfbd77b7e
SHA512

bccecbc7e4e20a7ea9c64fd98edfa9c743b1adc2be9e7c12760c9ddab92e42c779f00f51c607baa64163473cf7729b674b7d200e569f5023cdca14ce263ba181
SSDEEP

6144:FYsKNhL2/ukst3W2Sy595Ovvf0nXBFTfSfkwPy:lKXL2/dst3WmO8RFRay

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  afd773ef3ce2e9eee5c74123d8501c3c_JaffaCakes118
- Size
  
  271KB
- MD5
  
  afd773ef3ce2e9eee5c74123d8501c3c
- SHA1
  
  a9d6c12253ad78b9b6aa41493114ced263ac1ba8
- SHA256
  
  1d76266267ca27570b9cfb6f2a84b80ef607e9450d475eabad2e630cfbd77b7e
- SHA512
  
  bccecbc7e4e20a7ea9c64fd98edfa9c743b1adc2be9e7c12760c9ddab92e42c779f00f51c607baa64163473cf7729b674b7d200e569f5023cdca14ce263ba181
- SSDEEP
  
  6144:FYsKNhL2/ukst3W2Sy595Ovvf0nXBFTfSfkwPy:lKXL2/dst3WmO8RFRay
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan