smokeloader | 7e7cd977c3abbb03a0b25e92a79707894ca58f860a6d3e3f039ea8fba51b8439 | Triage

Submit
Reports

Overview

overview

Static

static

3

0deee20c59...18.exe

windows7-x64

0deee20c59...18.exe

windows10-2004-x64

Sharing

General

Target

0deee20c595fa349a755ee311370ad8f_JaffaCakes118
Size

113KB
Sample

240625-ntxftaxelc
MD5

0deee20c595fa349a755ee311370ad8f
SHA1

e9d63c829707284a6390cf7affe190ab1d3360b8
SHA256

7e7cd977c3abbb03a0b25e92a79707894ca58f860a6d3e3f039ea8fba51b8439
SHA512

663b53f06989122eb402dc59e87e6b0e0ac311a4f0a1f063bcbbc7aa468adacb2fd3ce243d180d9afd0608e1c5d54b56118cf4e907d0defb86111c84e760350f
SSDEEP

1536:JbLihNNyPGoJJq+svg9373X7+a4nAliVhZpJ5Bmc1Dsl9At5RuFckqJdBwAbTr:JbLOyJsnvgJz79SpbkT6t5wFBmdBtP

Score

10^/10

smokeloader pub1 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0deee20c595fa349a755ee311370ad8f_JaffaCakes118.exe

Resource

win7-20240611-en

smokeloader pub1 backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

0deee20c595fa349a755ee311370ad8f_JaffaCakes118.exe

Resource

win10v2004-20240508-en

smokeloader pub1 backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  0deee20c595fa349a755ee311370ad8f_JaffaCakes118
- Size
  
  113KB
- MD5
  
  0deee20c595fa349a755ee311370ad8f
- SHA1
  
  e9d63c829707284a6390cf7affe190ab1d3360b8
- SHA256
  
  7e7cd977c3abbb03a0b25e92a79707894ca58f860a6d3e3f039ea8fba51b8439
- SHA512
  
  663b53f06989122eb402dc59e87e6b0e0ac311a4f0a1f063bcbbc7aa468adacb2fd3ce243d180d9afd0608e1c5d54b56118cf4e907d0defb86111c84e760350f
- SSDEEP
  
  1536:JbLihNNyPGoJJq+svg9373X7+a4nAliVhZpJ5Bmc1Dsl9At5RuFckqJdBwAbTr:JbLOyJsnvgJz79SpbkT6t5wFBmdBtP
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan

© 2018-2024

Terms | Privacy