smokeloader | 5a583ac216cd318497797f12871758d27e96b17df260f56cfbd78879373baaf1 | Triage

Sharing

General

Target

5a583ac216cd318497797f12871758d27e96b17df260f56cfbd78879373baaf1N.exe
Size

289KB
Sample

241226-dxnmzavrhs
MD5

5904e57410bf368b2ae56759bda24840
SHA1

71b8883112b1c28a7649661f6bdbd4e23f38814c
SHA256

5a583ac216cd318497797f12871758d27e96b17df260f56cfbd78879373baaf1
SHA512

bc3380fe008e2c8a1edb1f76a3d49d68ebc78ddc91bf77d5ff189a2bfaa37608f26ac5c46d63f46c0747763cd0940b6afbf311bc688caca9fa468baf5b99107f
SSDEEP

6144:yvUNTzaFl4ZlnmlVe3fzNZ1UJcA4y0WuUooCwl0oBCNb:yvURaFoce3fpVAwSs00oB6

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  5a583ac216cd318497797f12871758d27e96b17df260f56cfbd78879373baaf1N.exe
- Size
  
  289KB
- MD5
  
  5904e57410bf368b2ae56759bda24840
- SHA1
  
  71b8883112b1c28a7649661f6bdbd4e23f38814c
- SHA256
  
  5a583ac216cd318497797f12871758d27e96b17df260f56cfbd78879373baaf1
- SHA512
  
  bc3380fe008e2c8a1edb1f76a3d49d68ebc78ddc91bf77d5ff189a2bfaa37608f26ac5c46d63f46c0747763cd0940b6afbf311bc688caca9fa468baf5b99107f
- SSDEEP
  
  6144:yvUNTzaFl4ZlnmlVe3fzNZ1UJcA4y0WuUooCwl0oBCNb:yvURaFoce3fpVAwSs00oB6
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan