smokeloader | 6a14254a0020462bb102f32452807dbdad56d1a9aa829bed894d0d8c9aefafa2 | Triage

Sharing

General

Target

c2b9436b6ccde1f2c990e486b635b2e6_JaffaCakes118
Size

239KB
Sample

241204-qm17jawphy
MD5

c2b9436b6ccde1f2c990e486b635b2e6
SHA1

ffe576c9de4b0a132af422845908b1ac9ebd1742
SHA256

6a14254a0020462bb102f32452807dbdad56d1a9aa829bed894d0d8c9aefafa2
SHA512

2e5d1527868323d1b8fca64192df4d94c323a4b0ff130140b95cc81f2924c0d02e07653d60cbb8ee46b8f449d538a8950651f0bc0a81220374c6a1fe78611792
SSDEEP

6144:QeccjFeYJ6N/sLsueihb12PYxVj/ClQVSHO1UY:QHcx/J6N8SYnmlQVSHk

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  c2b9436b6ccde1f2c990e486b635b2e6_JaffaCakes118
- Size
  
  239KB
- MD5
  
  c2b9436b6ccde1f2c990e486b635b2e6
- SHA1
  
  ffe576c9de4b0a132af422845908b1ac9ebd1742
- SHA256
  
  6a14254a0020462bb102f32452807dbdad56d1a9aa829bed894d0d8c9aefafa2
- SHA512
  
  2e5d1527868323d1b8fca64192df4d94c323a4b0ff130140b95cc81f2924c0d02e07653d60cbb8ee46b8f449d538a8950651f0bc0a81220374c6a1fe78611792
- SSDEEP
  
  6144:QeccjFeYJ6N/sLsueihb12PYxVj/ClQVSHO1UY:QHcx/J6N8SYnmlQVSHk
Score

10^/10

smokeloader pub5 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoortrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan