smokeloader | ed75c3466f1f1634aa2fedc4160eb092121f62fc67827deae43062819b871dd3 | Triage

Sharing

General

Target

JaffaCakes118_91cfa2bedeca8bf9e65adb6a3fba352e
Size

262KB
Sample

250108-hsprpaypet
MD5

91cfa2bedeca8bf9e65adb6a3fba352e
SHA1

dd4a8a0fa47fc911001638cbf24c5048b82361e4
SHA256

ed75c3466f1f1634aa2fedc4160eb092121f62fc67827deae43062819b871dd3
SHA512

b2acdbf8b5530ea2f376af59e55f5fd81107c194418fcbdb1ca3de36c88255a65abafa88c3ef6ce8d77dd6b37cdfcc33cf3d5b3552d5a1e35c2e244bd9a1b5ce
SSDEEP

6144:CGyQPi3wLrNqM7I6KAyqX7tNfVXVHQLIiu8cfo0/pW:CGVPiMrcAKpwZGEX8cA0/M

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  JaffaCakes118_91cfa2bedeca8bf9e65adb6a3fba352e
- Size
  
  262KB
- MD5
  
  91cfa2bedeca8bf9e65adb6a3fba352e
- SHA1
  
  dd4a8a0fa47fc911001638cbf24c5048b82361e4
- SHA256
  
  ed75c3466f1f1634aa2fedc4160eb092121f62fc67827deae43062819b871dd3
- SHA512
  
  b2acdbf8b5530ea2f376af59e55f5fd81107c194418fcbdb1ca3de36c88255a65abafa88c3ef6ce8d77dd6b37cdfcc33cf3d5b3552d5a1e35c2e244bd9a1b5ce
- SSDEEP
  
  6144:CGyQPi3wLrNqM7I6KAyqX7tNfVXVHQLIiu8cfo0/pW:CGVPiMrcAKpwZGEX8cA0/M
Score

10^/10

smokeloader pub5 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoortrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan