smokeloader | d5acc924425fbd84dafabacbed642628acee74582621b8d0c63a75650dca1c99 | Triage

Sharing

General

Target

JaffaCakes118_1b1cb353957fe73e024db0372f71ff6c
Size

233KB
Sample

250106-k71hvaspdw
MD5

1b1cb353957fe73e024db0372f71ff6c
SHA1

0020acff271c5e5c65574c7ea4dc62a79a864feb
SHA256

d5acc924425fbd84dafabacbed642628acee74582621b8d0c63a75650dca1c99
SHA512

66ca90a5b94d8c395bae47e67f296134539dcb777003d104b89b3667b6585a1f8c5fc055447b35f9312597258eddf411d06c5732902e280639406735dbd06d3b
SSDEEP

3072:yGxrYHhs5iU7HSKZOGmrsjaJBkqz5iNRKrnSbcOT+CNf4/AWaSkSJu98vd:GHhs5idKZ5SR5iNRKpAIADG8el

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  JaffaCakes118_1b1cb353957fe73e024db0372f71ff6c
- Size
  
  233KB
- MD5
  
  1b1cb353957fe73e024db0372f71ff6c
- SHA1
  
  0020acff271c5e5c65574c7ea4dc62a79a864feb
- SHA256
  
  d5acc924425fbd84dafabacbed642628acee74582621b8d0c63a75650dca1c99
- SHA512
  
  66ca90a5b94d8c395bae47e67f296134539dcb777003d104b89b3667b6585a1f8c5fc055447b35f9312597258eddf411d06c5732902e280639406735dbd06d3b
- SSDEEP
  
  3072:yGxrYHhs5iU7HSKZOGmrsjaJBkqz5iNRKrnSbcOT+CNf4/AWaSkSJu98vd:GHhs5idKZ5SR5iNRKpAIADG8el
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan