smokeloader | 4ebebc45004e498bdf1381747354206c02475f9fabd18e397897d3324081cb69 | Triage

Sharing

General

Target

4ebebc45004e498bdf1381747354206c02475f9fabd18e397897d3324081cb69
Size

311KB
Sample

240428-kybhcscc28
MD5

204d683564be599027ba32ed8897842d
SHA1

d96443e1c8e085d130a5dc6ec00a00516af1f57c
SHA256

4ebebc45004e498bdf1381747354206c02475f9fabd18e397897d3324081cb69
SHA512

1bf0cd9d003ec6bf538e3d5e189c0f8230942d50a44f37e89d3a81be2a66b65169ecb58d503e3a17cd25b3cda2af93e6b877c4accea04260a83140ed3f742869
SSDEEP

3072:n1Et3irRpiJFyw043mc8+i0+f4mmpbUPgkVhxEUxtK4SeI/QOQtUHERow6I7Ild:HwJFuhuYmmPn3ta2t8ER761d

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  4ebebc45004e498bdf1381747354206c02475f9fabd18e397897d3324081cb69
- Size
  
  311KB
- MD5
  
  204d683564be599027ba32ed8897842d
- SHA1
  
  d96443e1c8e085d130a5dc6ec00a00516af1f57c
- SHA256
  
  4ebebc45004e498bdf1381747354206c02475f9fabd18e397897d3324081cb69
- SHA512
  
  1bf0cd9d003ec6bf538e3d5e189c0f8230942d50a44f37e89d3a81be2a66b65169ecb58d503e3a17cd25b3cda2af93e6b877c4accea04260a83140ed3f742869
- SSDEEP
  
  3072:n1Et3irRpiJFyw043mc8+i0+f4mmpbUPgkVhxEUxtK4SeI/QOQtUHERow6I7Ild:HwJFuhuYmmPn3ta2t8ER761d
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan