smokeloader | 10c347a9bf72393e560d6a205e06f913b4ffce8fdf44ef26cffa0c98e3923213 | Triage

Sharing

General

Target

10c347a9bf72393e560d6a205e06f913b4ffce8fdf44ef26cffa0c98e3923213
Size

306KB
Sample

240417-hmqf2ahh2w
MD5

352addabc1f72cf820db6447f0cdb24c
SHA1

faf0b84d28eec738c603512e6a7b0cd69c28918f
SHA256

10c347a9bf72393e560d6a205e06f913b4ffce8fdf44ef26cffa0c98e3923213
SHA512

f135b2f2e261e704809b8d803bfe8039e0ea9fb4ba388a5ee9958d8f90518cddff35dd22308c94c6207f9d220e57f2cb5bcea41ebbab3eb53ec0a5413aa6af66
SSDEEP

3072:QChrRyTiEHrOhXTHsglq9LCu+PPuzLJow1Wukl1WHUfWKqrXVEz4gzwleN:3ydLOWgYRCuXowxs1WsWJxENB

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  10c347a9bf72393e560d6a205e06f913b4ffce8fdf44ef26cffa0c98e3923213
- Size
  
  306KB
- MD5
  
  352addabc1f72cf820db6447f0cdb24c
- SHA1
  
  faf0b84d28eec738c603512e6a7b0cd69c28918f
- SHA256
  
  10c347a9bf72393e560d6a205e06f913b4ffce8fdf44ef26cffa0c98e3923213
- SHA512
  
  f135b2f2e261e704809b8d803bfe8039e0ea9fb4ba388a5ee9958d8f90518cddff35dd22308c94c6207f9d220e57f2cb5bcea41ebbab3eb53ec0a5413aa6af66
- SSDEEP
  
  3072:QChrRyTiEHrOhXTHsglq9LCu+PPuzLJow1Wukl1WHUfWKqrXVEz4gzwleN:3ydLOWgYRCuXowxs1WsWJxENB
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan