smokeloader | af8a073ce67e1d3ba3b81132db28f2db0e66af5c4f0bdc4630df42094b27d11e | Triage

Sharing

General

Target

af8a073ce67e1d3ba3b81132db28f2db0e66af5c4f0bdc4630df42094b27d11e.exe
Size

242KB
Sample

250318-h6vvvszn18
MD5

7e7c74edf4d2d65e63365c4066f6e7bf
SHA1

2cb8816de3c44ab21a07b76eaa57886bba09c748
SHA256

af8a073ce67e1d3ba3b81132db28f2db0e66af5c4f0bdc4630df42094b27d11e
SHA512

4ed768b67aecea2cd9a9c6271f7ea69d7e281e36788014e6215db8e72a12cb5f44e52d73dd653183d71cdb58ba16bddf199a325feef3508eb7b4d0302d889056
SSDEEP

3072:RtjY5OnnspO/eDrc3XSsF3QUMYq5G+ndDLjm:Rtjznp/wc31F3Q9y+nVj

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  af8a073ce67e1d3ba3b81132db28f2db0e66af5c4f0bdc4630df42094b27d11e.exe
- Size
  
  242KB
- MD5
  
  7e7c74edf4d2d65e63365c4066f6e7bf
- SHA1
  
  2cb8816de3c44ab21a07b76eaa57886bba09c748
- SHA256
  
  af8a073ce67e1d3ba3b81132db28f2db0e66af5c4f0bdc4630df42094b27d11e
- SHA512
  
  4ed768b67aecea2cd9a9c6271f7ea69d7e281e36788014e6215db8e72a12cb5f44e52d73dd653183d71cdb58ba16bddf199a325feef3508eb7b4d0302d889056
- SSDEEP
  
  3072:RtjY5OnnspO/eDrc3XSsF3QUMYq5G+ndDLjm:Rtjznp/wc31F3Q9y+nVj
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan