smokeloader | 98fda289113d05f1de709871f358eb316e4c24f4c7d75014da98f91cc96909fc | Triage

Sharing

General

Target

JaffaCakes118_b2c0408a0bd1d357a7110087c0626608
Size

172KB
Sample

250105-vnh5kasmfm
MD5

b2c0408a0bd1d357a7110087c0626608
SHA1

488214f1d3b1501b290cff5eed033121818fe617
SHA256

98fda289113d05f1de709871f358eb316e4c24f4c7d75014da98f91cc96909fc
SHA512

bf94b1e69201be1004c7ee534bc0759c474c13c3768f5ae3e97cebdcaea31dbd07ee467dc56cb41e2ba7378d27939e4742eb87d5da121f00d8541935456cd850
SSDEEP

3072:yQiJ5o2Bf0520w4XUM7QnxdVXsoS9D98aShyuyjHVwwUELsWe3E:yrjHBfQ20B1QnZ8Vx98aCW9UY3yE

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  JaffaCakes118_b2c0408a0bd1d357a7110087c0626608
- Size
  
  172KB
- MD5
  
  b2c0408a0bd1d357a7110087c0626608
- SHA1
  
  488214f1d3b1501b290cff5eed033121818fe617
- SHA256
  
  98fda289113d05f1de709871f358eb316e4c24f4c7d75014da98f91cc96909fc
- SHA512
  
  bf94b1e69201be1004c7ee534bc0759c474c13c3768f5ae3e97cebdcaea31dbd07ee467dc56cb41e2ba7378d27939e4742eb87d5da121f00d8541935456cd850
- SSDEEP
  
  3072:yQiJ5o2Bf0520w4XUM7QnxdVXsoS9D98aShyuyjHVwwUELsWe3E:yrjHBfQ20B1QnZ8Vx98aCW9UY3yE
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan