smokeloader | 323e2c782142c1ccb02e6d28779211eb520317fe73c4a1931b4c07c00c88cb5f | Triage

Sharing

General

Target

JaffaCakes118_9a74d5eab143394d5f7488c5ec0de4f4
Size

345KB
Sample

250108-mek9kayjdq
MD5

9a74d5eab143394d5f7488c5ec0de4f4
SHA1

f32f0d695d48e4d8bc0f7f7521b9bc415a2c28b4
SHA256

323e2c782142c1ccb02e6d28779211eb520317fe73c4a1931b4c07c00c88cb5f
SHA512

72a3e7c1c021e11260760f78313953ce974a090cd1215df43196bd62d3c5df6f181c1b5e3a260a4a9eea1a55caa919a209a50b76fb58253d5863196d6b9754f6
SSDEEP

6144:jkvj81FNSWp06e+r3oTGuqVPip64ZDSRRntNJ/qxrfgAXgPy/4:jAeiWpY+rNFBi6kDSRRtixrYA

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  JaffaCakes118_9a74d5eab143394d5f7488c5ec0de4f4
- Size
  
  345KB
- MD5
  
  9a74d5eab143394d5f7488c5ec0de4f4
- SHA1
  
  f32f0d695d48e4d8bc0f7f7521b9bc415a2c28b4
- SHA256
  
  323e2c782142c1ccb02e6d28779211eb520317fe73c4a1931b4c07c00c88cb5f
- SHA512
  
  72a3e7c1c021e11260760f78313953ce974a090cd1215df43196bd62d3c5df6f181c1b5e3a260a4a9eea1a55caa919a209a50b76fb58253d5863196d6b9754f6
- SSDEEP
  
  6144:jkvj81FNSWp06e+r3oTGuqVPip64ZDSRRntNJ/qxrfgAXgPy/4:jAeiWpY+rNFBi6kDSRRtixrYA
Score

10^/10

smokeloader pub3 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoordiscoverytrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan