smokeloader | eca62d3dfad6ae0eef6f384360749315a305139c6db17435754a44c2b30333ce | Triage

Sharing

General

Target

eca62d3dfad6ae0eef6f384360749315a305139c6db17435754a44c2b30333ce
Size

265KB
Sample

240424-s1xglscf4s
MD5

d2d61371e2c16ed85a6cdca7931a9976
SHA1

4fa89990a7c2d0abc223056440b949a36754eb2d
SHA256

eca62d3dfad6ae0eef6f384360749315a305139c6db17435754a44c2b30333ce
SHA512

646839a1081de540ca9dc56dae22eec209a9f4bce709016983be6173c2a86eed8a9e76a58e0aeea8b86b2fb604ff98da3ffd4f3afe6465018adaee098f781d49
SSDEEP

3072:3p4k7jgpKp9UNp+aBZloiX+VXQTRD6BurZrubs4sY5QQkK9m1a6D4IxlVUPBBu:3H9bUbDZltDRfZaTKe0I60K/UPB

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  eca62d3dfad6ae0eef6f384360749315a305139c6db17435754a44c2b30333ce
- Size
  
  265KB
- MD5
  
  d2d61371e2c16ed85a6cdca7931a9976
- SHA1
  
  4fa89990a7c2d0abc223056440b949a36754eb2d
- SHA256
  
  eca62d3dfad6ae0eef6f384360749315a305139c6db17435754a44c2b30333ce
- SHA512
  
  646839a1081de540ca9dc56dae22eec209a9f4bce709016983be6173c2a86eed8a9e76a58e0aeea8b86b2fb604ff98da3ffd4f3afe6465018adaee098f781d49
- SSDEEP
  
  3072:3p4k7jgpKp9UNp+aBZloiX+VXQTRD6BurZrubs4sY5QQkK9m1a6D4IxlVUPBBu:3H9bUbDZltDRfZaTKe0I60K/UPB
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan