smokeloader | bc113ed2bff68b7cf9dd805ec562bffc04fbadcf75a16df1ec6fcfa6b479f5ce | Triage

Sharing

General

Target

bc113ed2bff68b7cf9dd805ec562bffc04fbadcf75a16df1ec6fcfa6b479f5ce
Size

213KB
Sample

240427-qyp9eabe78
MD5

2c8f5e7a9e670c3850b2de0d2f3758b2
SHA1

42409c886411ce73c1d6f07bbae47bf8f2db713c
SHA256

bc113ed2bff68b7cf9dd805ec562bffc04fbadcf75a16df1ec6fcfa6b479f5ce
SHA512

1237d9fbc5cfd97e2377c56143a100daeeff8e71ffa90c4fa7227eab94b3edf841e8ca8b68a8ed8c18d9cc03457a4c246a98147ab317079650bcf88877211454
SSDEEP

3072:WztTEAEwLBu9QeT5Zpsnf26/5WSIKM4XLr2:WztTEAE4u9Qefp426kSIKM2Lr

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  bc113ed2bff68b7cf9dd805ec562bffc04fbadcf75a16df1ec6fcfa6b479f5ce
- Size
  
  213KB
- MD5
  
  2c8f5e7a9e670c3850b2de0d2f3758b2
- SHA1
  
  42409c886411ce73c1d6f07bbae47bf8f2db713c
- SHA256
  
  bc113ed2bff68b7cf9dd805ec562bffc04fbadcf75a16df1ec6fcfa6b479f5ce
- SHA512
  
  1237d9fbc5cfd97e2377c56143a100daeeff8e71ffa90c4fa7227eab94b3edf841e8ca8b68a8ed8c18d9cc03457a4c246a98147ab317079650bcf88877211454
- SSDEEP
  
  3072:WztTEAEwLBu9QeT5Zpsnf26/5WSIKM4XLr2:WztTEAE4u9Qefp426kSIKM2Lr
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan