smokeloader | 2031990c23b02f14927d6e81c767671f030228a52f56ffba1dbc5a20d5cd3552 | Triage

Sharing

General

Target

JaffaCakes118_1af134c8d0c42c155d731736acdad0ed
Size

333KB
Sample

250106-k54sgsvncq
MD5

1af134c8d0c42c155d731736acdad0ed
SHA1

6fbdd621b41cad2aeec78697ef480e7ac9e4320d
SHA256

2031990c23b02f14927d6e81c767671f030228a52f56ffba1dbc5a20d5cd3552
SHA512

f0199832b27387951bc00bc19346b94ae8b4a324be4e3fcc4d331fe76904ea5234a91ba5cbd3e4f0d14fb4dd408804d130069dd3aef300ef48c0805cfa57e409
SSDEEP

6144:/XRL6e06CiWalbhbJo1y2vQdey7hfWsrY2/NFfD3ArbcPRKpXGn0o7:/5J0I1Lo1Gey71HrRfD3AvQKp2nd

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  JaffaCakes118_1af134c8d0c42c155d731736acdad0ed
- Size
  
  333KB
- MD5
  
  1af134c8d0c42c155d731736acdad0ed
- SHA1
  
  6fbdd621b41cad2aeec78697ef480e7ac9e4320d
- SHA256
  
  2031990c23b02f14927d6e81c767671f030228a52f56ffba1dbc5a20d5cd3552
- SHA512
  
  f0199832b27387951bc00bc19346b94ae8b4a324be4e3fcc4d331fe76904ea5234a91ba5cbd3e4f0d14fb4dd408804d130069dd3aef300ef48c0805cfa57e409
- SSDEEP
  
  6144:/XRL6e06CiWalbhbJo1y2vQdey7hfWsrY2/NFfD3ArbcPRKpXGn0o7:/5J0I1Lo1Gey71HrRfD3AvQKp2nd
Score

10^/10

smokeloader pub3 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoordiscoverytrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan