smokeloader | e4ba726fbd2c56cd2426ba04823637264be89a9807a935d0939dc1578bdd951e | Triage

Sharing

General

Target

JaffaCakes118_be60d71b303f2aae5618315147c7d3f9
Size

340KB
Sample

250109-fjjg7syrbx
MD5

be60d71b303f2aae5618315147c7d3f9
SHA1

3193aa204c2cf5a82ac532ab9fd436acad7953c1
SHA256

e4ba726fbd2c56cd2426ba04823637264be89a9807a935d0939dc1578bdd951e
SHA512

2c15b655b0cc12eb7bd5329a922dbdba6f226748f45d03c777980cce79a841c28a1d9dc1283d0a5c361e4ebd537f2ba4c1b44f59d3a5faf132eae48f1f884a77
SSDEEP

6144:IQ31DWvFRu0pIIC6nVm6j4qYmSkF/bzOdzzJIlt+MSq:9DWvSIvVNMqYmSkF/CzNIls

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  JaffaCakes118_be60d71b303f2aae5618315147c7d3f9
- Size
  
  340KB
- MD5
  
  be60d71b303f2aae5618315147c7d3f9
- SHA1
  
  3193aa204c2cf5a82ac532ab9fd436acad7953c1
- SHA256
  
  e4ba726fbd2c56cd2426ba04823637264be89a9807a935d0939dc1578bdd951e
- SHA512
  
  2c15b655b0cc12eb7bd5329a922dbdba6f226748f45d03c777980cce79a841c28a1d9dc1283d0a5c361e4ebd537f2ba4c1b44f59d3a5faf132eae48f1f884a77
- SSDEEP
  
  6144:IQ31DWvFRu0pIIC6nVm6j4qYmSkF/bzOdzzJIlt+MSq:9DWvSIvVNMqYmSkF/CzNIls
Score

10^/10

smokeloader pub5 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoordiscoverytrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan