smokeloader | 96ae6b6256a5b2a4b8826a01f95ec3787075782957d1ed22a40e0f454f6923d5 | Triage

Sharing

General

Target

96ae6b6256a5b2a4b8826a01f95ec3787075782957d1ed22a40e0f454f6923d5
Size

163KB
Sample

241215-ra8arawnay
MD5

233c1c961cf887ff8cceec1d7e88458e
SHA1

454c08dda501e199385ea47587d5891dbbe78dea
SHA256

96ae6b6256a5b2a4b8826a01f95ec3787075782957d1ed22a40e0f454f6923d5
SHA512

0a632d3aa9a9cb209574394dc2620ec8d766f507cc065d979103454aae9017cc7c6a3d8337692ddb2302f2be2c5651bd50b00315ae0a1027fcdce508ff3e6431
SSDEEP

3072:gjLLcvH0Y0fNF58hICqzYAlLk+sFeoSjcKQklqjzois5Rkt3FLyRwfZJ:gbcvH0YWgWCmO+sdFAp5rw3

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  a46bd5076e4b2ec02eb0c30eae496273047a899e976197263957096a005c11d4
- Size
  
  261KB
- MD5
  
  c37c9d767220b694ccddaddde5136694
- SHA1
  
  5ba7b52567430a131cb8a67e6706a1a352cdee70
- SHA256
  
  a46bd5076e4b2ec02eb0c30eae496273047a899e976197263957096a005c11d4
- SHA512
  
  19cebbfac016f6d7c6631da09e4f6536a3f3d38d343f1469bb15c927d17bc42fa018be4aed1e6df93b817fb255cc12e8b763fbd6867c496ab5c08644b3b4ea78
- SSDEEP
  
  3072:5XOKjPPtgWqLKXmQL7n5JRxt5MZpv2QMDr3zs/SNFbgb1L+my+2M/h3R:d5PPqWqLsLJxETORDvs/4h8c+28
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan