smokeloader | c29cf1b69013a305ecac54d82e91a65c1556c8e7e07a93db9bee53f5f0f63999 | Triage

Sharing

General

Target

c29cf1b69013a305ecac54d82e91a65c1556c8e7e07a93db9bee53f5f0f63999
Size

282KB
Sample

240424-g8wdqsfe6z
MD5

7a84a1cefe8659c47a33c4fc3b2202cd
SHA1

d6e6f350aee92c49df2ea0723944f2b625de3b2f
SHA256

c29cf1b69013a305ecac54d82e91a65c1556c8e7e07a93db9bee53f5f0f63999
SHA512

c5b510529ed770fc97abc795b65236179e86fda12d3a11b262805ddcc62dfd01fcd1030e826a3c748f76409e3e68869674d8bcb91b6075deaef071f77327963a
SSDEEP

3072:p7CluMPwMLibpOWGDuoEbU+3QAZXdJ2h74U/A5wmbbvh1XrFPnG93EYqmoxzXps4:oP1ebDmPqOcpfPZ+J6zjqX0xrUyT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  c29cf1b69013a305ecac54d82e91a65c1556c8e7e07a93db9bee53f5f0f63999
- Size
  
  282KB
- MD5
  
  7a84a1cefe8659c47a33c4fc3b2202cd
- SHA1
  
  d6e6f350aee92c49df2ea0723944f2b625de3b2f
- SHA256
  
  c29cf1b69013a305ecac54d82e91a65c1556c8e7e07a93db9bee53f5f0f63999
- SHA512
  
  c5b510529ed770fc97abc795b65236179e86fda12d3a11b262805ddcc62dfd01fcd1030e826a3c748f76409e3e68869674d8bcb91b6075deaef071f77327963a
- SSDEEP
  
  3072:p7CluMPwMLibpOWGDuoEbU+3QAZXdJ2h74U/A5wmbbvh1XrFPnG93EYqmoxzXps4:oP1ebDmPqOcpfPZ+J6zjqX0xrUyT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan