smokeloader | cb333890afaa54be6b7da1320873a241420562b5b22842425fdbe3b28060547a | Triage

Sharing

General

Target

cb333890afaa54be6b7da1320873a241420562b5b22842425fdbe3b28060547a
Size

154KB
Sample

241215-qww9yaxmdj
MD5

509dcb1bb3631ffac816ca2962c3b83f
SHA1

824f0037d49342eab18c602b86cb3ed4791b6093
SHA256

cb333890afaa54be6b7da1320873a241420562b5b22842425fdbe3b28060547a
SHA512

0022390e6afa49e6c0c8d8a30534b576ea100ff4e0724a15d5e50a6b4c8db9973e3af5d5ed282c7442db0b1843c781ad5b2299cbdd34c4324873af74471dddc9
SSDEEP

3072:Y0BtM5mi7k1oRdChkFChFvrZFBz0p4gruw1L9tfc4Ajb:Y0Btf0kK3LghV/hxkJ5c4Wb

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  3d3d9659fb6e5b35d36db33bccf79990dee404e15548f185456c80f12173337f
- Size
  
  260KB
- MD5
  
  29606191a5e9d43fac67074b4a140bf7
- SHA1
  
  b192d2d85e01c1828db0e1012cde6f00d21c0feb
- SHA256
  
  3d3d9659fb6e5b35d36db33bccf79990dee404e15548f185456c80f12173337f
- SHA512
  
  7775aceaf453c8ed2a8579aec3efc34f800034faa112d0889d94a3faa760b0d9640b26fa525f01a57b1c07cd0647d0962b7fa22aee112107ceb66c987f788206
- SSDEEP
  
  3072:tAQOABcNJLo19Owz5TbOoqbz74Bz0p7Fm5QPO1CrM/h3:SABYJL89VO8hUm52Dr
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan