smokeloader | db3fc72f22f77f6510e14c30ef23d729ae173c2f59d6f0fd29120e5a4093b0ed | Triage

Sharing

General

Target

db3fc72f22f77f6510e14c30ef23d729ae173c2f59d6f0fd29120e5a4093b0ed
Size

279KB
Sample

240430-lx173ahg3s
MD5

85e48e909068358e0a1bb3c16edf17b1
SHA1

f2d0338d77a706644bb5ce87388735dfcba0cde3
SHA256

db3fc72f22f77f6510e14c30ef23d729ae173c2f59d6f0fd29120e5a4093b0ed
SHA512

9e399e1a939bc115b7a36e35b1a8b19624726a7898425bb9b705aa3f39aeb7d54e43ddc02b49196012c443e64387cefbd68207f157ad8fcba992d2ceb2409cbf
SSDEEP

3072:G5tvA8pRbecYTtV2jy+J1zoKjYtnOTqMiYyQePj9hqYWxPzVj+ubMHYx/Rtd2Ubl:QZLq7TrVsz9clOT4G+epxnZa+

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  db3fc72f22f77f6510e14c30ef23d729ae173c2f59d6f0fd29120e5a4093b0ed
- Size
  
  279KB
- MD5
  
  85e48e909068358e0a1bb3c16edf17b1
- SHA1
  
  f2d0338d77a706644bb5ce87388735dfcba0cde3
- SHA256
  
  db3fc72f22f77f6510e14c30ef23d729ae173c2f59d6f0fd29120e5a4093b0ed
- SHA512
  
  9e399e1a939bc115b7a36e35b1a8b19624726a7898425bb9b705aa3f39aeb7d54e43ddc02b49196012c443e64387cefbd68207f157ad8fcba992d2ceb2409cbf
- SSDEEP
  
  3072:G5tvA8pRbecYTtV2jy+J1zoKjYtnOTqMiYyQePj9hqYWxPzVj+ubMHYx/Rtd2Ubl:QZLq7TrVsz9clOT4G+epxnZa+
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan