smokeloader | 7e24b957aae41a1313b9486aac1cd3a567c957b8a8a0d0e5b4955ea1502b86b0 | Triage

Sharing

General

Target

7e24b957aae41a1313b9486aac1cd3a567c957b8a8a0d0e5b4955ea1502b86b0
Size

216KB
Sample

241215-rdt8aswpay
MD5

c609df84b2a92a26ee0a8aa59739b194
SHA1

9ac99c205ede2872bf9abb4c02eb4f488a0b9dac
SHA256

7e24b957aae41a1313b9486aac1cd3a567c957b8a8a0d0e5b4955ea1502b86b0
SHA512

90635b3c945a10013efe09bdb8c8c0e84ddb2f1f58f0642cefd22d622338c65e2624a385a085b715a50d4ac87032b279f7faeb99583b5113f63a4b44380d1707
SSDEEP

6144:yb9eHbJH50ZaheSzzcSm+It5ynzBBpaIs9iq:yb9qH5Cah3zZm+0yzBXm

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  04789d897a18c7c97021a5d674b2b686c8847af18c3800982431d8c5946fe454
- Size
  
  334KB
- MD5
  
  5cf5fdcec332dbf9096f3279dfe2e1e9
- SHA1
  
  2c252b4813a048cce5bc5bcb47c74ccfca29473f
- SHA256
  
  04789d897a18c7c97021a5d674b2b686c8847af18c3800982431d8c5946fe454
- SHA512
  
  2adb2bb3b544a4a51d0523653201f222caea198d04e4a73636fecd30a2d186350f6040651432db7a4ac436d4c3441ea5ffb501428835b57f76a8ba31554d931a
- SSDEEP
  
  6144:kqp2wXzkbgvSz9CSmYh+3oQ9gOU+fzYBb6:khwItcSmn9gT6
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan