smokeloader | f25fb3950d39d7724ce8e66b5f119fbcaf29c4b2298370a9836522c558fb0899 | Triage

Sharing

General

Target

f25fb3950d39d7724ce8e66b5f119fbcaf29c4b2298370a9836522c558fb0899
Size

282KB
Sample

240424-lfhz6agd7v
MD5

ace289da5cddc59b000f6caaa8c580d8
SHA1

231a61ad87ed21c45ffd780bff9bf0d4a5164516
SHA256

f25fb3950d39d7724ce8e66b5f119fbcaf29c4b2298370a9836522c558fb0899
SHA512

45696542523e2eac7a719bc02012b475f1db0090c5b63978d2923fae4cb2089c4dc37ef00a8a72f01fb403df4de77e5b47cf0822d7721bece3dbd957a2d1b144
SSDEEP

3072:irGHu4dpL7DA6gH3EbG+xXJZXx0q/shZBPd4spKHT1Cll3Tm6WklVUPBxTlN:5dZU1iLSqEhZZd4scHToi6Wk/UPBxT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  f25fb3950d39d7724ce8e66b5f119fbcaf29c4b2298370a9836522c558fb0899
- Size
  
  282KB
- MD5
  
  ace289da5cddc59b000f6caaa8c580d8
- SHA1
  
  231a61ad87ed21c45ffd780bff9bf0d4a5164516
- SHA256
  
  f25fb3950d39d7724ce8e66b5f119fbcaf29c4b2298370a9836522c558fb0899
- SHA512
  
  45696542523e2eac7a719bc02012b475f1db0090c5b63978d2923fae4cb2089c4dc37ef00a8a72f01fb403df4de77e5b47cf0822d7721bece3dbd957a2d1b144
- SSDEEP
  
  3072:irGHu4dpL7DA6gH3EbG+xXJZXx0q/shZBPd4spKHT1Cll3Tm6WklVUPBxTlN:5dZU1iLSqEhZZd4scHToi6Wk/UPBxT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan