smokeloader | 7e84b0e9413e2b8dcb276f31f11583aae3fb1aeda2d0e9d3a63b45da3faf4ae0 | Triage

Sharing

General

Target

7e84b0e9413e2b8dcb276f31f11583aae3fb1aeda2d0e9d3a63b45da3faf4ae0
Size

172KB
Sample

240417-r9wq1aee3t
MD5

fb42ce11d07c613d1f94a7f1471a05e8
SHA1

961d80658afb00f2f361fb58e6846da10b7758df
SHA256

7e84b0e9413e2b8dcb276f31f11583aae3fb1aeda2d0e9d3a63b45da3faf4ae0
SHA512

7b3b2dcdb633e42b4913dc42e37257d539354b0f765d5af14c866a055c2bde4ef698836a409e752e5ac1d71e12db9f0563d53387a49b52cb7da5659b99611aa4
SSDEEP

3072:hj2XSWPc/Z9I8zAFCXaZZTxmwFGYY6pkMsnIrNlBg6ZibgW0SkIzWaVH+1SX:hjUSWP0I8z4ZZTVFPpTsnEZibgW0Sk+N

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2739b41aab3ff3cc0727ada7ad04162f0379ef151c7d4b4296e963a2a74891c5.exe
- Size
  
  300KB
- MD5
  
  8c6bef1a357f339aae97e1e29a5eb682
- SHA1
  
  43da742dc3c195f703680ee5078c4a9ec77b92e0
- SHA256
  
  2739b41aab3ff3cc0727ada7ad04162f0379ef151c7d4b4296e963a2a74891c5
- SHA512
  
  35da85906b763230494a348d3f08ae21172f1680af940661d5dec51becb45b9f783eefc130f7611290a8cf4cfa263c195c0ca9152cb4c2f3e8e80a981f180931
- SSDEEP
  
  6144:qLSLqSQSiZ9jlMWzLUeBPSGfTgYn79o6q:qLSmSiZ9jlMWXdP5n7a
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan