smokeloader | 7ae7f99dc8e7bb45c91c1f1721bf959e2a5a368f7f9106b8a6a93c8956c84580 | Triage

Sharing

General

Target

7ae7f99dc8e7bb45c91c1f1721bf959e2a5a368f7f9106b8a6a93c8956c84580
Size

173KB
Sample

240417-rqp44sbg28
MD5

783218733aab0a498c1daf37e2575b97
SHA1

2ecd39226ce9673267d29c38677bd78ca3dc69cf
SHA256

7ae7f99dc8e7bb45c91c1f1721bf959e2a5a368f7f9106b8a6a93c8956c84580
SHA512

7da39afc734127df3863839d8d5fe1ae0e9fc3224bed6b011214c0f6e63ebe6284e8eaaa81605d204158936bf0bf0d204e3584b2f8302f530d440aab34d7f612
SSDEEP

3072:pbP8Wu+Wu/lPartq0DguFKVqw0jFlmcvqbnJCbb3Bugt5MHzg:pgWZ3PaRSuw1kocibJK3MgDM8

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  4b06c62c07429d0bbc7f9126a18c2e959e5c52c09236dbfb5b16a09390f0a300.exe
- Size
  
  288KB
- MD5
  
  e88da5d3f528d78eabc2de83797c2195
- SHA1
  
  7937c0b3fac48fa50aa74e80387a6ff6f463c978
- SHA256
  
  4b06c62c07429d0bbc7f9126a18c2e959e5c52c09236dbfb5b16a09390f0a300
- SHA512
  
  4dfb673cfab033d7d40ef383ef36841d3c8fd1a1f2c80bfd05c896aa3d9c38c08301d89e4543e9b300a44787c9a57a13e34654f5374d6788c1e56e37c69be9a9
- SSDEEP
  
  3072:OziRfFi3WzI2OfoyFIUVvBmAx0H3q0eJ5cLw5p0s0hQUxaIa2VM:/RfFDG3FJVvtyeJ5JKQUxaIh
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoortrojan