smokeloader | 8e430af53d8eb61a39239d6537b7e8a2b99efb0852f8814ce1a5ebd7ace53fd4 | Triage

Sharing

General

Target

F99E6584C274E6814B81BE68C0F2EE47.exe
Size

189KB
Sample

241130-l9j5bavrej
MD5

f99e6584c274e6814b81be68c0f2ee47
SHA1

56c3838e6f68404b1309291639b3a300292a46b1
SHA256

8e430af53d8eb61a39239d6537b7e8a2b99efb0852f8814ce1a5ebd7ace53fd4
SHA512

1b94ad9c88fcc335368e79faa70a878eaf78fd34f192ccdba20d2fe0024b441aa372983bc132510d7c9727fb800509bc5f98e1ae2ba38a521f8c5c74361460eb
SSDEEP

3072:+FEJ0B5aRXtU49eLUoblr435Gz569C4UgO6:dJYClefz

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  F99E6584C274E6814B81BE68C0F2EE47.exe
- Size
  
  189KB
- MD5
  
  f99e6584c274e6814b81be68c0f2ee47
- SHA1
  
  56c3838e6f68404b1309291639b3a300292a46b1
- SHA256
  
  8e430af53d8eb61a39239d6537b7e8a2b99efb0852f8814ce1a5ebd7ace53fd4
- SHA512
  
  1b94ad9c88fcc335368e79faa70a878eaf78fd34f192ccdba20d2fe0024b441aa372983bc132510d7c9727fb800509bc5f98e1ae2ba38a521f8c5c74361460eb
- SSDEEP
  
  3072:+FEJ0B5aRXtU49eLUoblr435Gz569C4UgO6:dJYClefz
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan