smokeloader | 3ade01944ab9c664f6cdd28ff3d3026765b73627c7acd19d7c834d27b8b9025c | Triage

Sharing

General

Target

JaffaCakes118_b3f31367da4ab4366155fd07e71731d7
Size

303KB
Sample

250105-v4q54s1jew
MD5

b3f31367da4ab4366155fd07e71731d7
SHA1

4b7cbed4b21ab5c7470d3022d6762eb1e51cad5b
SHA256

3ade01944ab9c664f6cdd28ff3d3026765b73627c7acd19d7c834d27b8b9025c
SHA512

864d87e2574593813df6505d1552d14503e0b91f6b1d08e1a53b08b5cac552da4c00ba658f8bdd50f1ba61fc2ae9ffa5e2b83cf27041bcc3692b41b40f1b0c41
SSDEEP

6144:z/3g4BzuFJTSxk+NEs1X7/U9cvnwXBlnKMof:zoIGJT/sl1X7/UsnwXBlS

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  JaffaCakes118_b3f31367da4ab4366155fd07e71731d7
- Size
  
  303KB
- MD5
  
  b3f31367da4ab4366155fd07e71731d7
- SHA1
  
  4b7cbed4b21ab5c7470d3022d6762eb1e51cad5b
- SHA256
  
  3ade01944ab9c664f6cdd28ff3d3026765b73627c7acd19d7c834d27b8b9025c
- SHA512
  
  864d87e2574593813df6505d1552d14503e0b91f6b1d08e1a53b08b5cac552da4c00ba658f8bdd50f1ba61fc2ae9ffa5e2b83cf27041bcc3692b41b40f1b0c41
- SSDEEP
  
  6144:z/3g4BzuFJTSxk+NEs1X7/U9cvnwXBlnKMof:zoIGJT/sl1X7/UsnwXBlS
Score

10^/10

smokeloader pub5 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoordiscoverytrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan