smokeloader | 815d16714fc1ffb855525f17445cd37dd5a5a9fae649a6a2a63c55389d5295b7 | Triage

Sharing

General

Target

815d16714fc1ffb855525f17445cd37dd5a5a9fae649a6a2a63c55389d5295b7
Size

154KB
Sample

241215-qwhfsavqhv
MD5

f8190e18c6616d1609dfab0684ba35c5
SHA1

908ce9799540b34397cefe7f4da907283793b605
SHA256

815d16714fc1ffb855525f17445cd37dd5a5a9fae649a6a2a63c55389d5295b7
SHA512

ce835bbfa3194a66969dc6a607742ab9e66d348d1e776203edb0747a8c96b8be042987d7268db51bccde9f77c18a520f6daa08b60a1b5c2a7ee65af32c4a04b1
SSDEEP

3072:E0BtM5mi7k1oRdChkFChFvrZFBz0p4gruw1L9tfc4Ajz:E0Btf0kK3LghV/hxkJ5c4Wz

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  3d3d9659fb6e5b35d36db33bccf79990dee404e15548f185456c80f12173337f
- Size
  
  260KB
- MD5
  
  29606191a5e9d43fac67074b4a140bf7
- SHA1
  
  b192d2d85e01c1828db0e1012cde6f00d21c0feb
- SHA256
  
  3d3d9659fb6e5b35d36db33bccf79990dee404e15548f185456c80f12173337f
- SHA512
  
  7775aceaf453c8ed2a8579aec3efc34f800034faa112d0889d94a3faa760b0d9640b26fa525f01a57b1c07cd0647d0962b7fa22aee112107ceb66c987f788206
- SSDEEP
  
  3072:tAQOABcNJLo19Owz5TbOoqbz74Bz0p7Fm5QPO1CrM/h3:SABYJL89VO8hUm52Dr
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan