smokeloader | d5d45a1c72667c19ff56de099ee0ac07023f3b771bddcda482fdc50caf9405ca | Triage

Sharing

General

Target

d5d45a1c72667c19ff56de099ee0ac07023f3b771bddcda482fdc50caf9405ca
Size

306KB
Sample

240428-1ms62aac71
MD5

01793a9e9a4abece6d669dad9f1a2b00
SHA1

e5f0660d84c38bf68b0ea789a7f2b237cfb896e1
SHA256

d5d45a1c72667c19ff56de099ee0ac07023f3b771bddcda482fdc50caf9405ca
SHA512

08766334f7d942c088e6d58c90c4da8e9f427e3580daa657b250439fe10ce0175aa7c30b5ee1aeabf571c8c41cb21914cea39694a439e9f38fc51e9cad94c8de
SSDEEP

3072:55eR1Q7yp66EtTM0r+tbLxie94K6lP9yI3zzlv8SvIqTBjwxaQkmHEVI7IMNU:sx46YReYG4KElyI3zpUSlZkkyEV8NU

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d5d45a1c72667c19ff56de099ee0ac07023f3b771bddcda482fdc50caf9405ca
- Size
  
  306KB
- MD5
  
  01793a9e9a4abece6d669dad9f1a2b00
- SHA1
  
  e5f0660d84c38bf68b0ea789a7f2b237cfb896e1
- SHA256
  
  d5d45a1c72667c19ff56de099ee0ac07023f3b771bddcda482fdc50caf9405ca
- SHA512
  
  08766334f7d942c088e6d58c90c4da8e9f427e3580daa657b250439fe10ce0175aa7c30b5ee1aeabf571c8c41cb21914cea39694a439e9f38fc51e9cad94c8de
- SSDEEP
  
  3072:55eR1Q7yp66EtTM0r+tbLxie94K6lP9yI3zzlv8SvIqTBjwxaQkmHEVI7IMNU:sx46YReYG4KElyI3zpUSlZkkyEV8NU
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan