smokeloader | ff64b6a65f623bee3a6c72797ca449545801deea098d0209e7bd4f2abd4bcaa6 | Triage

Sharing

General

Target

ff64b6a65f623bee3a6c72797ca449545801deea098d0209e7bd4f2abd4bcaa6
Size

263KB
Sample

240424-mkmdtagh23
MD5

f498565ab04b879eca4cc4406d1e9f19
SHA1

0386884ee135773401fe813ad10ca88cf7173601
SHA256

ff64b6a65f623bee3a6c72797ca449545801deea098d0209e7bd4f2abd4bcaa6
SHA512

97aca9988f06b33dc970fd5b56ef764a64d6b30a849b0d79cc4f2134683631ebf294692e36cc8584ba07002909641879e68de2d0e64cb5df6b8ff0947f870380
SSDEEP

6144:l9uJbLbLt8rBcaVNxLDjTYNxLHmZ5/UPB:l9uJbLbLKBxWhGm

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  ff64b6a65f623bee3a6c72797ca449545801deea098d0209e7bd4f2abd4bcaa6
- Size
  
  263KB
- MD5
  
  f498565ab04b879eca4cc4406d1e9f19
- SHA1
  
  0386884ee135773401fe813ad10ca88cf7173601
- SHA256
  
  ff64b6a65f623bee3a6c72797ca449545801deea098d0209e7bd4f2abd4bcaa6
- SHA512
  
  97aca9988f06b33dc970fd5b56ef764a64d6b30a849b0d79cc4f2134683631ebf294692e36cc8584ba07002909641879e68de2d0e64cb5df6b8ff0947f870380
- SSDEEP
  
  6144:l9uJbLbLt8rBcaVNxLDjTYNxLHmZ5/UPB:l9uJbLbLKBxWhGm
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan