smokeloader | 940856f93e56ecd69b6833c94a78247b3f8d60348ac9b73928fd338113fbbc9e | Triage

Sharing

General

Target

bfa14859432cc51e9f8a9b632dc38713_JaffaCakes118
Size

302KB
Sample

241203-2x8j5symgx
MD5

bfa14859432cc51e9f8a9b632dc38713
SHA1

b76262d0b04a555f9ddbef1e3f8a99fe8bf50f5f
SHA256

940856f93e56ecd69b6833c94a78247b3f8d60348ac9b73928fd338113fbbc9e
SHA512

92df1e4440a47ac40a7a32fcd064632b4ca414e85a8b607d53dee0c95980159db198aff55247a73df59914eb0db4828685d5d21a0659ead1674d252bc9ac01d9
SSDEEP

6144:aZnWXhSZxnTlV+W0OcEkTiUDeDN3ym5+l+IF/KBmWHNF3D:TXh+JiW0OcBiOeD8nZMBmW/

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  bfa14859432cc51e9f8a9b632dc38713_JaffaCakes118
- Size
  
  302KB
- MD5
  
  bfa14859432cc51e9f8a9b632dc38713
- SHA1
  
  b76262d0b04a555f9ddbef1e3f8a99fe8bf50f5f
- SHA256
  
  940856f93e56ecd69b6833c94a78247b3f8d60348ac9b73928fd338113fbbc9e
- SHA512
  
  92df1e4440a47ac40a7a32fcd064632b4ca414e85a8b607d53dee0c95980159db198aff55247a73df59914eb0db4828685d5d21a0659ead1674d252bc9ac01d9
- SSDEEP
  
  6144:aZnWXhSZxnTlV+W0OcEkTiUDeDN3ym5+l+IF/KBmWHNF3D:TXh+JiW0OcBiOeD8nZMBmW/
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan