smokeloader | 34101707aa120a2a7551372d8759627d5e584d2977247caded99175c2b51a420 | Triage

Sharing

General

Target

34101707aa120a2a7551372d8759627d5e584d2977247caded99175c2b51a420
Size

307KB
Sample

240428-rdzssahc58
MD5

7f48c12d023372f0b10398ff68a44792
SHA1

1552ad5a58bf411bfa245e1b7118459510413bde
SHA256

34101707aa120a2a7551372d8759627d5e584d2977247caded99175c2b51a420
SHA512

11bdf8767ccd5acde3f2422c89179ecfcfd517f62ddde4977b6c5b80132833a7542c58d9fc97a60526febf1ff5f2fe3928f4691fa10bd4a4fa581c631e77648a
SSDEEP

3072:P3Ps5/Wp1NpxfYkz/c+jbLWU5NpcsSQ1+LhUdxhQ+ERXOBNmkceEdxWiHEQ2I7Ix:TDNXm03H1kyvQ/I1ceEemEf+U

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  34101707aa120a2a7551372d8759627d5e584d2977247caded99175c2b51a420
- Size
  
  307KB
- MD5
  
  7f48c12d023372f0b10398ff68a44792
- SHA1
  
  1552ad5a58bf411bfa245e1b7118459510413bde
- SHA256
  
  34101707aa120a2a7551372d8759627d5e584d2977247caded99175c2b51a420
- SHA512
  
  11bdf8767ccd5acde3f2422c89179ecfcfd517f62ddde4977b6c5b80132833a7542c58d9fc97a60526febf1ff5f2fe3928f4691fa10bd4a4fa581c631e77648a
- SSDEEP
  
  3072:P3Ps5/Wp1NpxfYkz/c+jbLWU5NpcsSQ1+LhUdxhQ+ERXOBNmkceEdxWiHEQ2I7Ix:TDNXm03H1kyvQ/I1ceEemEf+U
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan