smokeloader

Sharing

Copy URL

Twitter E-mail

General

Target

269ce16934958eea602b31a379ac29e6_JaffaCakes118
Size

286KB
Sample

240704-3c8j3svgnp
MD5

269ce16934958eea602b31a379ac29e6
SHA1

a2a5a72bc8b57c189ae4f6340c7a299ef362a63b
SHA256

7495125a6a464a21d654ea0efb2d63af9250911c485153ee8ec7285f36be0ba7
SHA512

92bd217aa7e61baef352af00b5844ffe5fe1189cb36c220780bff357fe7e681f6d732b51c79967575835d9499d69e565df3d4c7c922982726dbfe5df80ea53fc
SSDEEP

6144:IxqWDFLlXqQnEDkzzkKhmn93L6MCOhxxFeTr/ekI:8qqRXqQnEDkiVL6+zxF6L

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Extracted

Family

smokeloader

Version

2020

http://gmpeople.com/upload/

http://mile48.com/upload/

http://lecanardstsornin.com/upload/

http://m3600.com/upload/

http://camasirx.com/upload/

rc4.i32

Targets

- Target
  
  269ce16934958eea602b31a379ac29e6_JaffaCakes118
- Size
  
  286KB
- MD5
  
  269ce16934958eea602b31a379ac29e6
- SHA1
  
  a2a5a72bc8b57c189ae4f6340c7a299ef362a63b
- SHA256
  
  7495125a6a464a21d654ea0efb2d63af9250911c485153ee8ec7285f36be0ba7
- SHA512
  
  92bd217aa7e61baef352af00b5844ffe5fe1189cb36c220780bff357fe7e681f6d732b51c79967575835d9499d69e565df3d4c7c922982726dbfe5df80ea53fc
- SSDEEP
  
  6144:IxqWDFLlXqQnEDkzzkKhmn93L6MCOhxxFeTr/ekI:8qqRXqQnEDkiVL6+zxF6L
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Deletes itself

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2