smokeloader | 6413bc29d9283235785333b926cc8ab9066ca41fef4d35c051922d4cb0cb8382 | Triage

Sharing

General

Target

6413bc29d9283235785333b926cc8ab9066ca41fef4d35c051922d4cb0cb8382
Size

308KB
Sample

240428-m9rd3aee4v
MD5

e5e811848cc1171eb787dd205469492a
SHA1

cc78d712fc1d9add90239e2401b524db853ad7cd
SHA256

6413bc29d9283235785333b926cc8ab9066ca41fef4d35c051922d4cb0cb8382
SHA512

f23e7947f2785d5d9540f75b69995a767d785501c79e84d7f74bc167cb9be044c475f1fb6dd22913888105cb5975440b724b22bb5d94bb569ed1ae48a0477612
SSDEEP

6144:BYAtS/qyYW22cZrag3QaSjUCnrEUAF0YON:BYAQqyDZcZrag3Hoy8N

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  6413bc29d9283235785333b926cc8ab9066ca41fef4d35c051922d4cb0cb8382
- Size
  
  308KB
- MD5
  
  e5e811848cc1171eb787dd205469492a
- SHA1
  
  cc78d712fc1d9add90239e2401b524db853ad7cd
- SHA256
  
  6413bc29d9283235785333b926cc8ab9066ca41fef4d35c051922d4cb0cb8382
- SHA512
  
  f23e7947f2785d5d9540f75b69995a767d785501c79e84d7f74bc167cb9be044c475f1fb6dd22913888105cb5975440b724b22bb5d94bb569ed1ae48a0477612
- SSDEEP
  
  6144:BYAtS/qyYW22cZrag3QaSjUCnrEUAF0YON:BYAQqyDZcZrag3Hoy8N
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan