smokeloader | d9acf7755649d86f437875470bff8c2b931753b4c7593fdca9943ea19b2041e7 | Triage

Sharing

General

Target

d9acf7755649d86f437875470bff8c2b931753b4c7593fdca9943ea19b2041e7
Size

113KB
Sample

241215-ra9tkswna1
MD5

7425a90704e3186dcf6dc2d405411049
SHA1

a52651e222af47d12aff6c45f339f29ee2fbe00e
SHA256

d9acf7755649d86f437875470bff8c2b931753b4c7593fdca9943ea19b2041e7
SHA512

13f62a6d971d21ee0aaddfb6ecd69c3aa8d43bff40ef322e7d5cd906506d09ca026f81d9954e73b0d3e7a34f10478897551544e13111c4cc6a92a25ced8b977f
SSDEEP

3072:+ee7F4ogRN9IXcGCt8k4iakUe8hpA1YkAJpDfcZ2:+nJQkX3a8zWKC1Yv1fcA

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  f41d97cd8adb541779a9c5769fb3cb56dd3758a68ce57a3a5c188813210d66ad.exe
- Size
  
  173KB
- MD5
  
  8c8aaa8d9fbd2304c66338c68999a866
- SHA1
  
  fbd57b197e1ee01052498f08f8778315abb4f872
- SHA256
  
  f41d97cd8adb541779a9c5769fb3cb56dd3758a68ce57a3a5c188813210d66ad
- SHA512
  
  dad2899d0f29283453bd722c8d87fd3a85ad2337fb107d80b3c8b0809538510a076a4f79adc0e89fd046f96c5f12b37da638d79d54f61ea6abd805f96953fe76
- SSDEEP
  
  3072:v0lRFhsENMlLYVZpVoj/ARvviG7RGnoZlG59naqpv010A09LC9bqA:8cEsLCpVoz8v/029mc0A09sb
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan