smokeloader | 62c4f92778d0bd5831fad52da33914cd561ecefb6f5853925dc989bce3ffa3c9 | Triage

Sharing

General

Target

b77fea1068099706f3f5d74f346ba334_JaffaCakes118
Size

217KB
Sample

241202-jat45a1kdr
MD5

b77fea1068099706f3f5d74f346ba334
SHA1

58c57f48c3a9338ced4b3cd174b191a9e38ed7c6
SHA256

62c4f92778d0bd5831fad52da33914cd561ecefb6f5853925dc989bce3ffa3c9
SHA512

eb36d0dcc386c88d91679fbf9541a5b6d777eeea709f016921ae863e0c7fd0f0150c50451f7180cfe9ef8e1eb4b6718851449b024a444de8a431b7e7dfeff296
SSDEEP

3072:7HzizXmEwgIMjnOL0J7bdTVnCm5W3O7YWnQdnCNeoBNTfC8IU:SwgIf4J3Z0p3xWWCIwY8

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  b77fea1068099706f3f5d74f346ba334_JaffaCakes118
- Size
  
  217KB
- MD5
  
  b77fea1068099706f3f5d74f346ba334
- SHA1
  
  58c57f48c3a9338ced4b3cd174b191a9e38ed7c6
- SHA256
  
  62c4f92778d0bd5831fad52da33914cd561ecefb6f5853925dc989bce3ffa3c9
- SHA512
  
  eb36d0dcc386c88d91679fbf9541a5b6d777eeea709f016921ae863e0c7fd0f0150c50451f7180cfe9ef8e1eb4b6718851449b024a444de8a431b7e7dfeff296
- SSDEEP
  
  3072:7HzizXmEwgIMjnOL0J7bdTVnCm5W3O7YWnQdnCNeoBNTfC8IU:SwgIf4J3Z0p3xWWCIwY8
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan