smokeloader | e3cf431ceff51b98711e218012967a2d786e2436750646ba993b9328f4392e04 | Triage

Sharing

General

Target

e3cf431ceff51b98711e218012967a2d786e2436750646ba993b9328f4392e04
Size

104KB
Sample

241215-qxzrfsxmhj
MD5

de41fe940e4796a0de80ae8d8bd49cda
SHA1

7cdd15329e0224520ce8f1bca912f2f60b153e1b
SHA256

e3cf431ceff51b98711e218012967a2d786e2436750646ba993b9328f4392e04
SHA512

98e40367f7317f5544c5840113479f0ed1948225bba08fd5e7b750388a1a27f68444fa4b7cb29807b74b434f13f4659c9e0f8f97d9eb9433295cd9d8b23df5ee
SSDEEP

1536:o7IWGDQDJ/9GH3oP8zZ5PSmgETfeNwJ8ZzdxU+XYk+BrqyCictb1K30E+GLNUCoh:o7+QD10XhZ5bd2Zw+XY5uyZcit+GPq

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  51a33d1dcec48a8f5b068a57b87dbfb2aa780e30b06295e43bd60cdf284a52e8.exe
- Size
  
  154KB
- MD5
  
  1907e95fde8b8aa1142caabdc77cd084
- SHA1
  
  7752a4877fe75b36543012adb9af04a15b0b74ff
- SHA256
  
  51a33d1dcec48a8f5b068a57b87dbfb2aa780e30b06295e43bd60cdf284a52e8
- SHA512
  
  beafe982f1d77ead92a6041be7f7102b88d415c6c848c930c752f58e20edb7580a69b29b0647ae6e389831d2ba492b901b3d7e7ecdc2ad5c996d9b85ddd28afc
- SSDEEP
  
  3072:MobLmJvwoq5WSO5RymugWT7VdRSdiX2X2:hLmJvwTTlX2
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan