smokeloader | 379f06cf62a9bb8ed54c810931f4f7260fbfa0e4af260bec8cfd3610244000d2 | Triage

Sharing

General

Target

379f06cf62a9bb8ed54c810931f4f7260fbfa0e4af260bec8cfd3610244000d2
Size

103KB
Sample

241215-qxre3svrct
MD5

0ac14e7e66b0a7b8fd021ebe047c98d5
SHA1

71d1e162cf736f5567bd4b44b23148054b1c4982
SHA256

379f06cf62a9bb8ed54c810931f4f7260fbfa0e4af260bec8cfd3610244000d2
SHA512

1ba2ddf3643d88cf2424e6b5374af6eb6e92423118c4bb9fdc105f537ecce181dc5663c5e3169bc0bfb29416dafe53962e39d8d652a400d7270d8d12f292570b
SSDEEP

3072:GGgSS5bYowr8pGhGlyPtPxM1dqFTv22ykvq:GGbS5Mow75PtqwTdvq

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  89691031defe4c21cf9c284a4a6c24e6fce0908d35f53622b7e0dd96d4aa3b08.exe
- Size
  
  153KB
- MD5
  
  61b42db67c8ffff7b8f8a2535239f7ec
- SHA1
  
  a8ed809fc9f1888dd3ecc52b73c03a7edc50cc39
- SHA256
  
  89691031defe4c21cf9c284a4a6c24e6fce0908d35f53622b7e0dd96d4aa3b08
- SHA512
  
  f1111d95681e95fbe11edb2c7910a6576c4cddd0b36b809bcce6effb026f7cbed3d5e18306f61b9e12ae11b69d573b3637214700a95972302754287b243772fc
- SSDEEP
  
  1536:D64ATKc7Jj8WLlaMcz+xcd2sXE58mpE4BETPMgjc7LEHdOutHTtkJnin0xSvGO+M:D67VLI4IXE5XE4BEwv7g9OGGJn5kmM
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan