smokeloader | df4915c19ddb3dd2652cb6eda3a9527d8758a4b203d74ad6197cd5a2b69683ca | Triage

Sharing

General

Target

df4915c19ddb3dd2652cb6eda3a9527d8758a4b203d74ad6197cd5a2b69683ca.exe
Size

289KB
Sample

241225-tsglvsxrbs
MD5

b0f4fb071b1172dfe0cac89552f953bc
SHA1

800b18d81892249e05bf9f003e50e9c876d8ec72
SHA256

df4915c19ddb3dd2652cb6eda3a9527d8758a4b203d74ad6197cd5a2b69683ca
SHA512

ddcbd5b7667e270309354141493b6253bd0ee9b2e30cde763a20cb43a5bc73b05dfaa1b7cc2e90f6f8d32dbb168173b9243fbae3ddf62509d892be74c5ebeae5
SSDEEP

6144:yvUNTzaFl4ZlnmlVe3fzNZ1UJcA4y0WuUooCwl0oBCNbj:yvURaFoce3fpVAwSs00oB6j

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  df4915c19ddb3dd2652cb6eda3a9527d8758a4b203d74ad6197cd5a2b69683ca.exe
- Size
  
  289KB
- MD5
  
  b0f4fb071b1172dfe0cac89552f953bc
- SHA1
  
  800b18d81892249e05bf9f003e50e9c876d8ec72
- SHA256
  
  df4915c19ddb3dd2652cb6eda3a9527d8758a4b203d74ad6197cd5a2b69683ca
- SHA512
  
  ddcbd5b7667e270309354141493b6253bd0ee9b2e30cde763a20cb43a5bc73b05dfaa1b7cc2e90f6f8d32dbb168173b9243fbae3ddf62509d892be74c5ebeae5
- SSDEEP
  
  6144:yvUNTzaFl4ZlnmlVe3fzNZ1UJcA4y0WuUooCwl0oBCNbj:yvURaFoce3fpVAwSs00oB6j
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan