smokeloader | 7c91657c83118c91043fcdb9d616fbf219acc7ea7d793e3276e8ee801d1576c9 | Triage

Sharing

General

Target

JaffaCakes118_10e13cc7b41d162ab578256f27d297b1
Size

333KB
Sample

250106-f3c5jazlbk
MD5

10e13cc7b41d162ab578256f27d297b1
SHA1

1d938b7e6e99951d9b8139f078483539120021e6
SHA256

7c91657c83118c91043fcdb9d616fbf219acc7ea7d793e3276e8ee801d1576c9
SHA512

22769c54259f0f82eed0f6d8d8c0d0040acf276baab8e75ed7832c771f1544939918ada9d1bc386acca0db84a0291f5932fff0f5d131e1127aff87811353e3cd
SSDEEP

6144:f1hmmUd3J4a4dycn47dCPcx7AhjcJQ/q7Q++uW3RmZvBs8SSF0:f+mUd3Coj7dlW5cmq7f+RWi8x

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  JaffaCakes118_10e13cc7b41d162ab578256f27d297b1
- Size
  
  333KB
- MD5
  
  10e13cc7b41d162ab578256f27d297b1
- SHA1
  
  1d938b7e6e99951d9b8139f078483539120021e6
- SHA256
  
  7c91657c83118c91043fcdb9d616fbf219acc7ea7d793e3276e8ee801d1576c9
- SHA512
  
  22769c54259f0f82eed0f6d8d8c0d0040acf276baab8e75ed7832c771f1544939918ada9d1bc386acca0db84a0291f5932fff0f5d131e1127aff87811353e3cd
- SSDEEP
  
  6144:f1hmmUd3J4a4dycn47dCPcx7AhjcJQ/q7Q++uW3RmZvBs8SSF0:f+mUd3Coj7dlW5cmq7f+RWi8x
Score

10^/10

smokeloader pub5 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoordiscoverytrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan