smokeloader | df231158afb377a5f5a2d0ecfb130d26cc0123762bcef1c7c3ba8b36f2dba0ba | Triage

Sharing

General

Target

JaffaCakes118_dc7318eed018b03aed0a3915c2e22077
Size

220KB
Sample

250110-ghmznstqfy
MD5

dc7318eed018b03aed0a3915c2e22077
SHA1

1d7bff4c07e31ddbbebb45361ecca573f0793518
SHA256

df231158afb377a5f5a2d0ecfb130d26cc0123762bcef1c7c3ba8b36f2dba0ba
SHA512

91f38224ac018ba60d7da08face2dc3d04c082fe49f48b3ecfc012ae7f62b64daf627c52d643fad687b0412c53d66d0eb586a5ebbe8290055232f2c290203a38
SSDEEP

3072:D+FolnBVoIZ4Jum7fXs1hq7nPboS9D98aShyuy6inoeLraOJpQ3E:EolnBVdeJusfXOaTVx98aC3bOUE

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  JaffaCakes118_dc7318eed018b03aed0a3915c2e22077
- Size
  
  220KB
- MD5
  
  dc7318eed018b03aed0a3915c2e22077
- SHA1
  
  1d7bff4c07e31ddbbebb45361ecca573f0793518
- SHA256
  
  df231158afb377a5f5a2d0ecfb130d26cc0123762bcef1c7c3ba8b36f2dba0ba
- SHA512
  
  91f38224ac018ba60d7da08face2dc3d04c082fe49f48b3ecfc012ae7f62b64daf627c52d643fad687b0412c53d66d0eb586a5ebbe8290055232f2c290203a38
- SSDEEP
  
  3072:D+FolnBVoIZ4Jum7fXs1hq7nPboS9D98aShyuy6inoeLraOJpQ3E:EolnBVdeJusfXOaTVx98aC3bOUE
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan