smokeloader | d82dd6ad1da44d87bb0a019a7c2b389a5bf234c67d0a337196f4856c64ad895a | Triage

Sharing

General

Target

d82dd6ad1da44d87bb0a019a7c2b389a5bf234c67d0a337196f4856c64ad895a
Size

280KB
Sample

240424-jl2cksfg81
MD5

c4da1e687b7a17759e7629270928fce0
SHA1

4ab6d7d2ecd5abec3fc169b872ef34cf3afa146a
SHA256

d82dd6ad1da44d87bb0a019a7c2b389a5bf234c67d0a337196f4856c64ad895a
SHA512

dac01bd31ea4b2b4f66fcaa61a3d0721dae7cf5aef402f0b2ada0842ca265f9fa25fe4e0a1d1c677f7eedbc361fc5bc9a8468b58190c6e54c836d32187ebc632
SSDEEP

3072:bWleTa5DpfLD3BEbS+rQAZX68gr9IrP1hcP8FPB+IuR8KEceJR95X0yTlL:Y5DhTu68gsc0FJTUEceJRcyT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d82dd6ad1da44d87bb0a019a7c2b389a5bf234c67d0a337196f4856c64ad895a
- Size
  
  280KB
- MD5
  
  c4da1e687b7a17759e7629270928fce0
- SHA1
  
  4ab6d7d2ecd5abec3fc169b872ef34cf3afa146a
- SHA256
  
  d82dd6ad1da44d87bb0a019a7c2b389a5bf234c67d0a337196f4856c64ad895a
- SHA512
  
  dac01bd31ea4b2b4f66fcaa61a3d0721dae7cf5aef402f0b2ada0842ca265f9fa25fe4e0a1d1c677f7eedbc361fc5bc9a8468b58190c6e54c836d32187ebc632
- SSDEEP
  
  3072:bWleTa5DpfLD3BEbS+rQAZX68gr9IrP1hcP8FPB+IuR8KEceJR95X0yTlL:Y5DhTu68gsc0FJTUEceJRcyT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan