smokeloader | 86157b699c8daba1a747b6c2fef1b15f3a7b6372da30e8a3ea9b3b075edab62e | Triage

Sharing

General

Target

86157b699c8daba1a747b6c2fef1b15f3a7b6372da30e8a3ea9b3b075edab62e
Size

265KB
Sample

240424-shxdwscb37
MD5

444968112aa9f4e90ccbac99ec66a8d6
SHA1

f7ea8d4d6c18891fc2b92188fef79212a3982388
SHA256

86157b699c8daba1a747b6c2fef1b15f3a7b6372da30e8a3ea9b3b075edab62e
SHA512

37d47a65c6872161958d25bab006e474c8570574c0ab283c43bad51d2f0f67c5cfbc5c884e76a34446e8ffff7e17658d28cca0467130b03933b4c8bbdf539788
SSDEEP

3072:e1MJhUIdpdSLx6P+iBZloiX16euuZsakebSuyr3EtjS8uQgf8lEWvZn683dlOlV/:tFCdcjZlt19TA3qiPEWqx683q/UPB

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  86157b699c8daba1a747b6c2fef1b15f3a7b6372da30e8a3ea9b3b075edab62e
- Size
  
  265KB
- MD5
  
  444968112aa9f4e90ccbac99ec66a8d6
- SHA1
  
  f7ea8d4d6c18891fc2b92188fef79212a3982388
- SHA256
  
  86157b699c8daba1a747b6c2fef1b15f3a7b6372da30e8a3ea9b3b075edab62e
- SHA512
  
  37d47a65c6872161958d25bab006e474c8570574c0ab283c43bad51d2f0f67c5cfbc5c884e76a34446e8ffff7e17658d28cca0467130b03933b4c8bbdf539788
- SSDEEP
  
  3072:e1MJhUIdpdSLx6P+iBZloiX16euuZsakebSuyr3EtjS8uQgf8lEWvZn683dlOlV/:tFCdcjZlt19TA3qiPEWqx683q/UPB
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan