smokeloader | 2ae0f6d8734a26e4fb8c8ea862db6085977b1c019ace64e517ea3a25d5c504d1 | Triage

Sharing

General

Target

2ae0f6d8734a26e4fb8c8ea862db6085977b1c019ace64e517ea3a25d5c504d1
Size

308KB
Sample

240417-skftxsfa31
MD5

a8fe5a88b7c956b4ec7460e992607e23
SHA1

edb1eb4cb7d18a3b1769fa7b2a6566c67be59d92
SHA256

2ae0f6d8734a26e4fb8c8ea862db6085977b1c019ace64e517ea3a25d5c504d1
SHA512

80d89ac6dc0da5c98a153404b34e8d4710f78782d47e4290de53d665280393e01ead3f85d1dcd39586767801a233bb3509d177e8b7c7eb68a21003b623ab3b33
SSDEEP

3072:QqBZBfmiLQIu7YFgqAyPL+kPKEuwOIUjXueNHv6OncDmfJLXnOPVPm:9zQ+gFgLdYXu2PRc6fNCVP

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2ae0f6d8734a26e4fb8c8ea862db6085977b1c019ace64e517ea3a25d5c504d1
- Size
  
  308KB
- MD5
  
  a8fe5a88b7c956b4ec7460e992607e23
- SHA1
  
  edb1eb4cb7d18a3b1769fa7b2a6566c67be59d92
- SHA256
  
  2ae0f6d8734a26e4fb8c8ea862db6085977b1c019ace64e517ea3a25d5c504d1
- SHA512
  
  80d89ac6dc0da5c98a153404b34e8d4710f78782d47e4290de53d665280393e01ead3f85d1dcd39586767801a233bb3509d177e8b7c7eb68a21003b623ab3b33
- SSDEEP
  
  3072:QqBZBfmiLQIu7YFgqAyPL+kPKEuwOIUjXueNHv6OncDmfJLXnOPVPm:9zQ+gFgLdYXu2PRc6fNCVP
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan