smokeloader | b16cd8b43deee2443c27a14a3a1d9a885ad233cf8fec3a4e14b9a760c8a5e3ab | Triage

Sharing

General

Target

JaffaCakes118_885c90c2276f63849f0756a910254a1d
Size

172KB
Sample

250105-dyd5xszldz
MD5

885c90c2276f63849f0756a910254a1d
SHA1

0636eb0fec410d0ea793ce9ef4e8057f64068a09
SHA256

b16cd8b43deee2443c27a14a3a1d9a885ad233cf8fec3a4e14b9a760c8a5e3ab
SHA512

77a382846ee27f007e0d716820a425bf12b6783d8e01aae39685b8674223b25baa48a85965542285fe99ae56f5a6e413e43dbbccf434ac9c972143f9bde13f1b
SSDEEP

3072:YwiJ5o2Bf05p9OiXX7wb2+ZHWXjeyXsoS9D98aShyuyFlx6k1ezbe3E:YLjHBfQp9OurU2+ZHu38Vx98aCulx6ks

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  JaffaCakes118_885c90c2276f63849f0756a910254a1d
- Size
  
  172KB
- MD5
  
  885c90c2276f63849f0756a910254a1d
- SHA1
  
  0636eb0fec410d0ea793ce9ef4e8057f64068a09
- SHA256
  
  b16cd8b43deee2443c27a14a3a1d9a885ad233cf8fec3a4e14b9a760c8a5e3ab
- SHA512
  
  77a382846ee27f007e0d716820a425bf12b6783d8e01aae39685b8674223b25baa48a85965542285fe99ae56f5a6e413e43dbbccf434ac9c972143f9bde13f1b
- SSDEEP
  
  3072:YwiJ5o2Bf05p9OiXX7wb2+ZHWXjeyXsoS9D98aShyuyFlx6k1ezbe3E:YLjHBfQp9OurU2+ZHu38Vx98aCulx6ks
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan