smokeloader | 43c0c49c151de5a2a40238aacaf177d5c67bb65409b04903aa0b9417f5bce846 | Triage

Sharing

General

Target

15e221b582715af624e7cc72ddf34c06.exe
Size

252KB
Sample

250127-h3slbsxkh1
MD5

15e221b582715af624e7cc72ddf34c06
SHA1

e940b28af53b16c8e2b45fc51bd4b54cfebdb1eb
SHA256

43c0c49c151de5a2a40238aacaf177d5c67bb65409b04903aa0b9417f5bce846
SHA512

5dbdf74c5e3e670d92c3bc4dcc92a719158f1b233de3d1d8d84391c85457995c6d17971c9edaf4588b43fb037789c77e5ae31c0a381044bbf32591c6cfe70bd0
SSDEEP

1536:/VAQDfh2Q5XCUdo77R72IN8V8YBNulMHizbPOx2EkHShu+dr+hclFKC05+kWaOTR:dlBbCYoMHiXPDSndr+7C05Gdvm5XI3t

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  15e221b582715af624e7cc72ddf34c06.exe
- Size
  
  252KB
- MD5
  
  15e221b582715af624e7cc72ddf34c06
- SHA1
  
  e940b28af53b16c8e2b45fc51bd4b54cfebdb1eb
- SHA256
  
  43c0c49c151de5a2a40238aacaf177d5c67bb65409b04903aa0b9417f5bce846
- SHA512
  
  5dbdf74c5e3e670d92c3bc4dcc92a719158f1b233de3d1d8d84391c85457995c6d17971c9edaf4588b43fb037789c77e5ae31c0a381044bbf32591c6cfe70bd0
- SSDEEP
  
  1536:/VAQDfh2Q5XCUdo77R72IN8V8YBNulMHizbPOx2EkHShu+dr+hclFKC05+kWaOTR:dlBbCYoMHiXPDSndr+7C05Gdvm5XI3t
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan