smokeloader | 9bc38b4f2aee402aa59fd81af85859bc6f345a43eaf7c14343273525134a90b9 | Triage

Sharing

General

Target

c9d9cba3f3008c9e4a9d81402dfed99a_JaffaCakes118
Size

229KB
Sample

241205-276tasxkdv
MD5

c9d9cba3f3008c9e4a9d81402dfed99a
SHA1

66f618841b4d4360a57699e92ed7afcbba8ba61b
SHA256

9bc38b4f2aee402aa59fd81af85859bc6f345a43eaf7c14343273525134a90b9
SHA512

ef94ed8adeec798065b17c39c8179eeda9932c9175ecf018a81e5effa872302e62687516d56013aa91fa6e6ada0c6891c235c2c13452c9d65c26cf97e16e07bd
SSDEEP

3072:5iRPdOgYeQx3MzYBoCC55m+7YWnWnCNeoB+xNgoob:3gYfx8zYBkyhWWCIwo

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  c9d9cba3f3008c9e4a9d81402dfed99a_JaffaCakes118
- Size
  
  229KB
- MD5
  
  c9d9cba3f3008c9e4a9d81402dfed99a
- SHA1
  
  66f618841b4d4360a57699e92ed7afcbba8ba61b
- SHA256
  
  9bc38b4f2aee402aa59fd81af85859bc6f345a43eaf7c14343273525134a90b9
- SHA512
  
  ef94ed8adeec798065b17c39c8179eeda9932c9175ecf018a81e5effa872302e62687516d56013aa91fa6e6ada0c6891c235c2c13452c9d65c26cf97e16e07bd
- SSDEEP
  
  3072:5iRPdOgYeQx3MzYBoCC55m+7YWnWnCNeoB+xNgoob:3gYfx8zYBkyhWWCIwo
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan