smokeloader | 5849cb66f97165b80e0ea4d049558bea07d1e98ebb820fe74ff450ee8acdbcd2 | Triage

Sharing

General

Target

ee54bfb1645819dc424bc88f2d9631db_JaffaCakes118
Size

223KB
Sample

241214-mk1ansypew
MD5

ee54bfb1645819dc424bc88f2d9631db
SHA1

4b62a331337771b8d5ce0c60edbfa31b89f3b266
SHA256

5849cb66f97165b80e0ea4d049558bea07d1e98ebb820fe74ff450ee8acdbcd2
SHA512

66ee4850dd742bbee6470c2fba71a8921ed1d2dd361f57ed8494aea5f993343fca5975fb0ef3e4588f30e47c0719b332553475ecc507f1fdab79183ca8fa9df0
SSDEEP

3072:y72fNTu7qX5FMPZNKEYNsIXM5uD7YWnWnCNeoBjXCkySGb:IfqX5FMOEuDIWWCIwzg

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  ee54bfb1645819dc424bc88f2d9631db_JaffaCakes118
- Size
  
  223KB
- MD5
  
  ee54bfb1645819dc424bc88f2d9631db
- SHA1
  
  4b62a331337771b8d5ce0c60edbfa31b89f3b266
- SHA256
  
  5849cb66f97165b80e0ea4d049558bea07d1e98ebb820fe74ff450ee8acdbcd2
- SHA512
  
  66ee4850dd742bbee6470c2fba71a8921ed1d2dd361f57ed8494aea5f993343fca5975fb0ef3e4588f30e47c0719b332553475ecc507f1fdab79183ca8fa9df0
- SSDEEP
  
  3072:y72fNTu7qX5FMPZNKEYNsIXM5uD7YWnWnCNeoBjXCkySGb:IfqX5FMOEuDIWWCIwzg
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan