smokeloader | d65049f8f4318152b60eeb96ecedb8f2fb8b0b2a30eed4d0e53c85dfb5aa55fc | Triage

Sharing

General

Target

2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader
Size

428KB
Sample

250330-awlv7swvcy
MD5

301c1911097e970171c6b70ddbbb5936
SHA1

a4257eb568c751b587bdcd44adb90814dcee6bc0
SHA256

d65049f8f4318152b60eeb96ecedb8f2fb8b0b2a30eed4d0e53c85dfb5aa55fc
SHA512

831153bc578309106b4b9106a1e971309ff857b8d0f187b1cfc81ef5da2ffd2eda4b0bf324db596fbd9105aefab60b2e05189108a479e828c3cb409e49633b26
SSDEEP

6144:zueLxGurWsVg44ZojxemC36lI19pFHYjhSifvGYcz1T:zueVGu6sehZ2y6lI5F0tnSh

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader
- Size
  
  428KB
- MD5
  
  301c1911097e970171c6b70ddbbb5936
- SHA1
  
  a4257eb568c751b587bdcd44adb90814dcee6bc0
- SHA256
  
  d65049f8f4318152b60eeb96ecedb8f2fb8b0b2a30eed4d0e53c85dfb5aa55fc
- SHA512
  
  831153bc578309106b4b9106a1e971309ff857b8d0f187b1cfc81ef5da2ffd2eda4b0bf324db596fbd9105aefab60b2e05189108a479e828c3cb409e49633b26
- SSDEEP
  
  6144:zueLxGurWsVg44ZojxemC36lI19pFHYjhSifvGYcz1T:zueVGu6sehZ2y6lI5F0tnSh
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan