smokeloader | ae31150a88972baaef828058a5c70ccba8c92e2564b5138b4091ce23e98a7182 | Triage

Sharing

General

Target

ae31150a88972baaef828058a5c70ccba8c92e2564b5138b4091ce23e98a7182
Size

282KB
Sample

240424-k4mgtagc61
MD5

4f660463445875a6f9ba1d713c9ecf04
SHA1

2b0c3fbb1e6223dbd82a4c657cccca654d421039
SHA256

ae31150a88972baaef828058a5c70ccba8c92e2564b5138b4091ce23e98a7182
SHA512

98b8e1c0329bb14f1927bb74b537c17c1bac32f05b7ed8b06d46ccc2431428a696f3cbdc772eac64c266fda2e8818ac99b467f19db86062c5cce988554e100f9
SSDEEP

3072:0ul+9Y+pjYWTIEb1+iQAZX7ED5Ef8EBriTGr2HLuJM6qG7MUr7+RKTS5X0yTlL:9+7R1GGfLBuTGar76qGy8TyT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  ae31150a88972baaef828058a5c70ccba8c92e2564b5138b4091ce23e98a7182
- Size
  
  282KB
- MD5
  
  4f660463445875a6f9ba1d713c9ecf04
- SHA1
  
  2b0c3fbb1e6223dbd82a4c657cccca654d421039
- SHA256
  
  ae31150a88972baaef828058a5c70ccba8c92e2564b5138b4091ce23e98a7182
- SHA512
  
  98b8e1c0329bb14f1927bb74b537c17c1bac32f05b7ed8b06d46ccc2431428a696f3cbdc772eac64c266fda2e8818ac99b467f19db86062c5cce988554e100f9
- SSDEEP
  
  3072:0ul+9Y+pjYWTIEb1+iQAZX7ED5Ef8EBriTGr2HLuJM6qG7MUr7+RKTS5X0yTlL:9+7R1GGfLBuTGar76qGy8TyT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan