smokeloader | 30f62d4218156c877d48d37cbce3976911a8a6a588ef8b4d112438fd9afa0301 | Triage

Sharing

General

Target

30f62d4218156c877d48d37cbce3976911a8a6a588ef8b4d112438fd9afa0301N.exe
Size

307KB
Sample

250111-phxg4sypfs
MD5

78e4059a7fe84ea6bf81724f65379e70
SHA1

4f46ca3f46c1bc04291f53682c3866956aaa6925
SHA256

30f62d4218156c877d48d37cbce3976911a8a6a588ef8b4d112438fd9afa0301
SHA512

aff2690a04d657811c4609049067bcbbb4ae2cc79fced5dabaf469481f2b0802dae1d6a6f9ad975cae728bcfddd9d43fa8fc3ef1268cfb2eec552fb51663b540
SSDEEP

3072:0X38HonS9TPcXMu6VJ8g5L5dnjXtowkq1SgDz2g2GMRmoFE+mcmq5UEI:wsIGc5mL51jorgv2AMRmoe+mzvE

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  30f62d4218156c877d48d37cbce3976911a8a6a588ef8b4d112438fd9afa0301N.exe
- Size
  
  307KB
- MD5
  
  78e4059a7fe84ea6bf81724f65379e70
- SHA1
  
  4f46ca3f46c1bc04291f53682c3866956aaa6925
- SHA256
  
  30f62d4218156c877d48d37cbce3976911a8a6a588ef8b4d112438fd9afa0301
- SHA512
  
  aff2690a04d657811c4609049067bcbbb4ae2cc79fced5dabaf469481f2b0802dae1d6a6f9ad975cae728bcfddd9d43fa8fc3ef1268cfb2eec552fb51663b540
- SSDEEP
  
  3072:0X38HonS9TPcXMu6VJ8g5L5dnjXtowkq1SgDz2g2GMRmoFE+mcmq5UEI:wsIGc5mL51jorgv2AMRmoe+mzvE
Score

10^/10

smokeloader pub4 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoordiscoverytrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan