smokeloader | 76c632b5de586e9584c1ddce8b0ec1c4c3426dda8264800e4f28aeb70301253a | Triage

Sharing

General

Target

76c632b5de586e9584c1ddce8b0ec1c4c3426dda8264800e4f28aeb70301253a
Size

194KB
Sample

241215-q2gfnswjh1
MD5

290dd3c941930305338061e6ffe61b96
SHA1

a7a10347cd5bcdec7030e582b7998d564e0a717f
SHA256

76c632b5de586e9584c1ddce8b0ec1c4c3426dda8264800e4f28aeb70301253a
SHA512

70fe5382131c0f2c687e1c5ccea149685fd8e8554e4de80e21d1e13f052644849fe04db24a5e342e0784a2620ac09952ca862e6b72443142534f0ba75ab206f8
SSDEEP

3072:7a/oS6lnUQ/xdgXYmRmu0m05zVsgtv+cEgAJxQFJKyfK/ujjWhpEmUaWXmfZo9TB:GwFUWgXMToXgAJxQKyfKukSioKoJSFH0

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  4d2dc62eb46aaaf3b172a0ea4cfe4e512fa5cf86f13136665b97bf248a7c8850
- Size
  
  302KB
- MD5
  
  eba08a21a14db162e63b10e8e13b547f
- SHA1
  
  87dab4192f22c493a41bf24590d944d186fc5074
- SHA256
  
  4d2dc62eb46aaaf3b172a0ea4cfe4e512fa5cf86f13136665b97bf248a7c8850
- SHA512
  
  625c998cd942a13dd2988be3166a868aec3fadd1377b47a70717de35c34dc9440ea18348acb299c0cee00543ef429a70cca33e9c8a366f551bde587f6f61e568
- SSDEEP
  
  6144:PSLGGeO8jXF1VToXTc7xralvWeigavwVf:Puj8Z1VTojuxralvWT
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan