smokeloader | aa8026c7311aee3b5c06a40e4f79210a834332a29b8117e6f6ce201a0a1324f8 | Triage

Sharing

General

Target

aa8026c7311aee3b5c06a40e4f79210a834332a29b8117e6f6ce201a0a1324f8
Size

313KB
Sample

240428-j96bfabf52
MD5

7e6234991fd73490ea3efbe23cdbbf88
SHA1

0b56359f5b9491bc483360105e349efab3d782c2
SHA256

aa8026c7311aee3b5c06a40e4f79210a834332a29b8117e6f6ce201a0a1324f8
SHA512

c35b99440ea5878993d903ed0c32a4c5d5f250bcd16a08693e29a2103f7f18f705b3926fb00e55395151ceabbb33711eb61e9c6bee5004d17752dcaffa3a74c2
SSDEEP

3072:/1APLETpbodHFWzJLjo+d0+xso/ozWjL/YLLesig+Zi/Ja1vHCZHEQyaJI74Fd:zidA2dm/oqDY+s3+P1CFEQXJBd

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  aa8026c7311aee3b5c06a40e4f79210a834332a29b8117e6f6ce201a0a1324f8
- Size
  
  313KB
- MD5
  
  7e6234991fd73490ea3efbe23cdbbf88
- SHA1
  
  0b56359f5b9491bc483360105e349efab3d782c2
- SHA256
  
  aa8026c7311aee3b5c06a40e4f79210a834332a29b8117e6f6ce201a0a1324f8
- SHA512
  
  c35b99440ea5878993d903ed0c32a4c5d5f250bcd16a08693e29a2103f7f18f705b3926fb00e55395151ceabbb33711eb61e9c6bee5004d17752dcaffa3a74c2
- SSDEEP
  
  3072:/1APLETpbodHFWzJLjo+d0+xso/ozWjL/YLLesig+Zi/Ja1vHCZHEQyaJI74Fd:zidA2dm/oqDY+s3+P1CFEQXJBd
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan