smokeloader | a74017849283e1e83afad2f5aefc3a5fb9ced3a3f380130452c35d39161f1785 | Triage

Sharing

General

Target

a74017849283e1e83afad2f5aefc3a5fb9ced3a3f380130452c35d39161f1785
Size

263KB
Sample

240424-p35dfsac3x
MD5

ce6139e157af69824951710707bfe8e7
SHA1

5e98fae781314b02d48fa874370da49d22bea7d8
SHA256

a74017849283e1e83afad2f5aefc3a5fb9ced3a3f380130452c35d39161f1785
SHA512

c2993d31f4c724dc4f89e1a7b4b1806df664eb0067a0aed54230a023063946f43bc915288632cbee82b59ac561a239a7a2ad5a2a2e6ce7b280e9c96918c8b94a
SSDEEP

3072:swHktC8Mp2Fs9hVAN+RIZXBRwGPKHX2bzC2McP39o1FDAtZ0ZJfmOMzlVUPB0u:KMQq9oNd8GPKHfDK8mOO/UPB

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  a74017849283e1e83afad2f5aefc3a5fb9ced3a3f380130452c35d39161f1785
- Size
  
  263KB
- MD5
  
  ce6139e157af69824951710707bfe8e7
- SHA1
  
  5e98fae781314b02d48fa874370da49d22bea7d8
- SHA256
  
  a74017849283e1e83afad2f5aefc3a5fb9ced3a3f380130452c35d39161f1785
- SHA512
  
  c2993d31f4c724dc4f89e1a7b4b1806df664eb0067a0aed54230a023063946f43bc915288632cbee82b59ac561a239a7a2ad5a2a2e6ce7b280e9c96918c8b94a
- SSDEEP
  
  3072:swHktC8Mp2Fs9hVAN+RIZXBRwGPKHX2bzC2McP39o1FDAtZ0ZJfmOMzlVUPB0u:KMQq9oNd8GPKHfDK8mOO/UPB
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan