smokeloader | 863c9b9679dc1646f5126b26c22bb3a3c5e10d15f89325716b33771483e2c7ba | Triage

Sharing

General

Target

863c9b9679dc1646f5126b26c22bb3a3c5e10d15f89325716b33771483e2c7ba
Size

238KB
Sample

250106-emm45axran
MD5

48fc5bc1eecef40363586181076f17a0
SHA1

b731cda57251c807dc9fcb1f09e1ee41da52523c
SHA256

863c9b9679dc1646f5126b26c22bb3a3c5e10d15f89325716b33771483e2c7ba
SHA512

24ef5b3566fe5b02b7904bf0c9f38690550a851668b06c2892711b56903139ea2b6b0fa8eda261b6bad62b3c88901648adb4ce11cf0d6853d4b0c0b83f57fc0a
SSDEEP

3072:p0ef7i9FajzFgptNwf+jbjQE7f1tI/wTl53cMwd9ZGSwF:iefrjMtmW/ES8wTTwdPGSw

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  863c9b9679dc1646f5126b26c22bb3a3c5e10d15f89325716b33771483e2c7ba
- Size
  
  238KB
- MD5
  
  48fc5bc1eecef40363586181076f17a0
- SHA1
  
  b731cda57251c807dc9fcb1f09e1ee41da52523c
- SHA256
  
  863c9b9679dc1646f5126b26c22bb3a3c5e10d15f89325716b33771483e2c7ba
- SHA512
  
  24ef5b3566fe5b02b7904bf0c9f38690550a851668b06c2892711b56903139ea2b6b0fa8eda261b6bad62b3c88901648adb4ce11cf0d6853d4b0c0b83f57fc0a
- SSDEEP
  
  3072:p0ef7i9FajzFgptNwf+jbjQE7f1tI/wTl53cMwd9ZGSwF:iefrjMtmW/ES8wTTwdPGSw
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan