smokeloader | 7c87f681db3f6b7f0337faae390896ef94e05390ad78a78f7ad20dc7e7808efd | Triage

Sharing

General

Target

e468fbed089419bc835f951f1763acb5_JaffaCakes118
Size

362KB
Sample

241212-dlzk4asrbm
MD5

e468fbed089419bc835f951f1763acb5
SHA1

bb012af6cb9c806af4541a8aa38a3d9e5a97fca0
SHA256

7c87f681db3f6b7f0337faae390896ef94e05390ad78a78f7ad20dc7e7808efd
SHA512

4fc716eee52c914bc5116ff2e3a12de4d3236829f518d3e874fde577d3feabc9bc5fa78b5a1e30c7ac41dc0f62861279d93818ba171b21d2698c3dd5e70e40da
SSDEEP

6144:OESoD0ahrox3TlV+tkd1QkjKytCJHO8LsQy2/4fdi87CwDxgLDm:B0ahsJitkd1NKKCJ53p/4flNOL

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  e468fbed089419bc835f951f1763acb5_JaffaCakes118
- Size
  
  362KB
- MD5
  
  e468fbed089419bc835f951f1763acb5
- SHA1
  
  bb012af6cb9c806af4541a8aa38a3d9e5a97fca0
- SHA256
  
  7c87f681db3f6b7f0337faae390896ef94e05390ad78a78f7ad20dc7e7808efd
- SHA512
  
  4fc716eee52c914bc5116ff2e3a12de4d3236829f518d3e874fde577d3feabc9bc5fa78b5a1e30c7ac41dc0f62861279d93818ba171b21d2698c3dd5e70e40da
- SSDEEP
  
  6144:OESoD0ahrox3TlV+tkd1QkjKytCJHO8LsQy2/4fdi87CwDxgLDm:B0ahsJitkd1NKKCJ53p/4flNOL
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan