smokeloader | 38250f9b7b78854c54393000a0036c9cf33ea3293c84aeb787e1ec0ca8fc26ec | Triage

Sharing

General

Target

38250f9b7b78854c54393000a0036c9cf33ea3293c84aeb787e1ec0ca8fc26ecN.exe
Size

242KB
Sample

250121-b252pszlgs
MD5

0ed867dbf8d29cdea29bd03c5f92a9e0
SHA1

5e2fd45e8f5032701c2661b6d0887eb4c5f2be1b
SHA256

38250f9b7b78854c54393000a0036c9cf33ea3293c84aeb787e1ec0ca8fc26ec
SHA512

91fb4ddcb907d750a369b914271c6c7413e29727f2250d4f6e40eb73456e54ef5aa9ba3c1eb8b93ccaf1d48530dfec0a3df551e57b91d1cf6da5c31d0d346b37
SSDEEP

3072:UpVzgY3r+ApUIehduHAe53b2V14NPvQ5ytfEF+kqMj:UlJpUIehd2VPffS

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  38250f9b7b78854c54393000a0036c9cf33ea3293c84aeb787e1ec0ca8fc26ecN.exe
- Size
  
  242KB
- MD5
  
  0ed867dbf8d29cdea29bd03c5f92a9e0
- SHA1
  
  5e2fd45e8f5032701c2661b6d0887eb4c5f2be1b
- SHA256
  
  38250f9b7b78854c54393000a0036c9cf33ea3293c84aeb787e1ec0ca8fc26ec
- SHA512
  
  91fb4ddcb907d750a369b914271c6c7413e29727f2250d4f6e40eb73456e54ef5aa9ba3c1eb8b93ccaf1d48530dfec0a3df551e57b91d1cf6da5c31d0d346b37
- SSDEEP
  
  3072:UpVzgY3r+ApUIehduHAe53b2V14NPvQ5ytfEF+kqMj:UlJpUIehd2VPffS
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan