smokeloader | 7c00e5c4e42960ba7f00d87a129b458b8cf47652f8a6ceaf5b9a91f5223e3c71 | Triage

Sharing

General

Target

7c00e5c4e42960ba7f00d87a129b458b8cf47652f8a6ceaf5b9a91f5223e3c71
Size

114KB
Sample

241215-qyccjsxnaj
MD5

daa4ea211481214ced25705c651acdef
SHA1

75086b92281803a1fb7c1ebdf43b784d66e1289b
SHA256

7c00e5c4e42960ba7f00d87a129b458b8cf47652f8a6ceaf5b9a91f5223e3c71
SHA512

bb73dfe733e9c3af6df2ee5d3a60dca1a7a482cb793d57456e568cae744741fcc8122fc4848e401b2c9fed1cb1cf943c0af41f9ba35974a8a64b55be1d6d6498
SSDEEP

1536:313vn4ZMEeucYPiYX4Kah9J2tff+pndDPNm/GHOkunp2pKg/72HvOJUQhLvyicEg:313oBcqah926nLOkun4rkEUQZvDxu

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  aacd65813e8d63e01dcedf25ba43575ff3883772ab419a2833e6ad337b935c4f.exe
- Size
  
  174KB
- MD5
  
  51eb6a9eef1a30e8635bfaf7084e8468
- SHA1
  
  5d682f89d0b860dfb1cf2cb7df69fc03926e4b45
- SHA256
  
  aacd65813e8d63e01dcedf25ba43575ff3883772ab419a2833e6ad337b935c4f
- SHA512
  
  5aff22df825be02c07c533e4f74dc32eecceff1fae88a19982dd52302d89e02c2510a9b18e5308b47387fe585e987c834900ab9cef3730fd1915ee59ecc40b48
- SSDEEP
  
  3072:CZRJFLsiLY98JTu/zRO/zPePDgGdpX++D5xd74k0jR:MnLY98JTGobPWgcu+D5xN
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan