smokeloader | e64284ad371c92d35f857265a02b80c2be473aada4c71417b01ab029c8933483 | Triage

Sharing

General

Target

e64284ad371c92d35f857265a02b80c2be473aada4c71417b01ab029c8933483
Size

128KB
Sample

241215-rfynhaylck
MD5

bce310b0d99850121c009f7a280e5672
SHA1

c19327a3b37dbb6e63db9613c937433d6736ab97
SHA256

e64284ad371c92d35f857265a02b80c2be473aada4c71417b01ab029c8933483
SHA512

85df7ba753433f684f2248a09c7bcc23c892dcd4ab5740d3e3526ad3f32300392102cb84ec22c222a454b669594f7e0caa36c1ababa6722fbf50ec834958af9b
SSDEEP

3072:oCtYDEeBMPjmwi/zKziNc+m9E8a9ZMN1fdEjBcJOJChCD:o6TDhAzAscHh/dEjyJOIhI

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  78e7d302c8a2d30e857d6d6f235ddb5b944dfa5d8e856df74a6d27c65a7cf2ea
- Size
  
  189KB
- MD5
  
  2240788fdd794f96cac866417881469b
- SHA1
  
  0cdc7aedcae6e04b333e2545525001b4647563ae
- SHA256
  
  78e7d302c8a2d30e857d6d6f235ddb5b944dfa5d8e856df74a6d27c65a7cf2ea
- SHA512
  
  d88fd502107d17a8df662ca21b84f60348be601cdb92fa48d1ba9c172e11c80bff3cd070e9ca4f2711d970dfe0fc3cf563257a919bf4231a3d42e31335bdb7d9
- SSDEEP
  
  3072:8dXr54+drchLuhsq2uhRiYzWmiEXzDE8a9ZMN1fdEjBc46iMv:kr+MIhLwsq2jDmiEXzDh/dEjy5i
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan