smokeloader | 69e4203d32d5f071be287f367d0a42050eeb6c2ae9483cc12738d88d2f221f9e | Triage

Sharing

General

Target

69e4203d32d5f071be287f367d0a42050eeb6c2ae9483cc12738d88d2f221f9e
Size

332KB
Sample

240423-2q874acf42
MD5

e3b5e62f8d3ed5965a09f5c17aa87c48
SHA1

9a0fac5e7e2741d1c278db94dd4067273ac83181
SHA256

69e4203d32d5f071be287f367d0a42050eeb6c2ae9483cc12738d88d2f221f9e
SHA512

30448186e021d72d8fe08dbd0bb6d1a1fc9dc7d581250011183b49a00949e4c6deb635ed340fb56700f036361cd01916921c647802c45ef17813e14a75a05086
SSDEEP

3072:W/0VverUpWavj9+Ebc+NQAZX+yGpHdLImZYh204BwLdJe5X0Cn8Kk2Fi/DI5Tg0:H6UlU84E2uz4BwLdJv5KqbI5T

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  69e4203d32d5f071be287f367d0a42050eeb6c2ae9483cc12738d88d2f221f9e
- Size
  
  332KB
- MD5
  
  e3b5e62f8d3ed5965a09f5c17aa87c48
- SHA1
  
  9a0fac5e7e2741d1c278db94dd4067273ac83181
- SHA256
  
  69e4203d32d5f071be287f367d0a42050eeb6c2ae9483cc12738d88d2f221f9e
- SHA512
  
  30448186e021d72d8fe08dbd0bb6d1a1fc9dc7d581250011183b49a00949e4c6deb635ed340fb56700f036361cd01916921c647802c45ef17813e14a75a05086
- SSDEEP
  
  3072:W/0VverUpWavj9+Ebc+NQAZX+yGpHdLImZYh204BwLdJe5X0Cn8Kk2Fi/DI5Tg0:H6UlU84E2uz4BwLdJv5KqbI5T
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan