smokeloader | 8aa4f47803c9ab61cf0856c10fceb793622b55c4097e60fd5533c12e4c01d91f | Triage

Sharing

General

Target

8aa4f47803c9ab61cf0856c10fceb793622b55c4097e60fd5533c12e4c01d91f
Size

307KB
Sample

240417-e99awafe41
MD5

22c1191eeea1053b8ed8a81029e1afdf
SHA1

fa2d612eb7f6f0e9495f12abf542c8c85b59b074
SHA256

8aa4f47803c9ab61cf0856c10fceb793622b55c4097e60fd5533c12e4c01d91f
SHA512

4ecd937cf6aac367f162a7beaaa81016b64f91a583ee2be550dde6eee67781a0f12e2d682300f357ba99a3531f3dca7336fb66e8b8a5d02b832ae75583b49bbc
SSDEEP

6144:qEQKgLvWV+HXyQ26KJUPM3Sg8ImI4vx6:qV7vWV+HXyQ26tPM338IRq

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8aa4f47803c9ab61cf0856c10fceb793622b55c4097e60fd5533c12e4c01d91f
- Size
  
  307KB
- MD5
  
  22c1191eeea1053b8ed8a81029e1afdf
- SHA1
  
  fa2d612eb7f6f0e9495f12abf542c8c85b59b074
- SHA256
  
  8aa4f47803c9ab61cf0856c10fceb793622b55c4097e60fd5533c12e4c01d91f
- SHA512
  
  4ecd937cf6aac367f162a7beaaa81016b64f91a583ee2be550dde6eee67781a0f12e2d682300f357ba99a3531f3dca7336fb66e8b8a5d02b832ae75583b49bbc
- SSDEEP
  
  6144:qEQKgLvWV+HXyQ26KJUPM3Sg8ImI4vx6:qV7vWV+HXyQ26tPM338IRq
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan