smokeloader | 68b862ef97329adf8fcc2c82436472f0cb59ce5e06fa9429fd7c6bae7f50d7e5 | Triage

Sharing

General

Target

JaffaCakes118_d88e56f3d04918fd5a93d72bd8c9c078
Size

345KB
Sample

250110-czvnma1nej
MD5

d88e56f3d04918fd5a93d72bd8c9c078
SHA1

1553f50d46b7fc1b83582b9b8529810c46ff143f
SHA256

68b862ef97329adf8fcc2c82436472f0cb59ce5e06fa9429fd7c6bae7f50d7e5
SHA512

add9884a34dc7f31da016907b2b8ebdd778764b9792028fe728aef283656ae0f591f1fd9da73b365bc5b1f118c0b115b3286f61615c5dbaa3ebb8a69be8f78ae
SSDEEP

6144:BHdqqzjjo9f4LUatDrBPsQRuI3R00gBGmObbdxqmLUN1rBQbLTrH:B9Fzjjsf4YqDBsQRVKZQbdxqm0rBGLH

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  JaffaCakes118_d88e56f3d04918fd5a93d72bd8c9c078
- Size
  
  345KB
- MD5
  
  d88e56f3d04918fd5a93d72bd8c9c078
- SHA1
  
  1553f50d46b7fc1b83582b9b8529810c46ff143f
- SHA256
  
  68b862ef97329adf8fcc2c82436472f0cb59ce5e06fa9429fd7c6bae7f50d7e5
- SHA512
  
  add9884a34dc7f31da016907b2b8ebdd778764b9792028fe728aef283656ae0f591f1fd9da73b365bc5b1f118c0b115b3286f61615c5dbaa3ebb8a69be8f78ae
- SSDEEP
  
  6144:BHdqqzjjo9f4LUatDrBPsQRuI3R00gBGmObbdxqmLUN1rBQbLTrH:B9Fzjjsf4YqDBsQRVKZQbdxqm0rBGLH
Score

10^/10

smokeloader pub3 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoordiscoverytrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan