smokeloader | 67daaebbc3d9d2556bb5984cfc11f6264683d765d5e6416911a14d20cad77c00 | Triage

Sharing

General

Target

67daaebbc3d9d2556bb5984cfc11f6264683d765d5e6416911a14d20cad77c00
Size

265KB
Sample

240430-mjzbzsac2w
MD5

a4e70dbb87bc008b38446d9175b0a086
SHA1

e97c64cada06785118f7aca4840c6f5c3ac9b9dc
SHA256

67daaebbc3d9d2556bb5984cfc11f6264683d765d5e6416911a14d20cad77c00
SHA512

fe3a88f209eca22de17382bdf9ea4d9b187fb0191282a0dcad340f7d51153ac43e28984710e6dff9e101cf3adce376819c9808ed3ebcde1a01a95075f66d5729
SSDEEP

3072:Uf9H/zNdpj8wmDtFN+jEQBfAsGJw+VWCQmOerUWZmFXosBrGKrvS/ZZWbbbJl:MF3x8tFNIG+6OerUWZmFX77rS/DW

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  67daaebbc3d9d2556bb5984cfc11f6264683d765d5e6416911a14d20cad77c00
- Size
  
  265KB
- MD5
  
  a4e70dbb87bc008b38446d9175b0a086
- SHA1
  
  e97c64cada06785118f7aca4840c6f5c3ac9b9dc
- SHA256
  
  67daaebbc3d9d2556bb5984cfc11f6264683d765d5e6416911a14d20cad77c00
- SHA512
  
  fe3a88f209eca22de17382bdf9ea4d9b187fb0191282a0dcad340f7d51153ac43e28984710e6dff9e101cf3adce376819c9808ed3ebcde1a01a95075f66d5729
- SSDEEP
  
  3072:Uf9H/zNdpj8wmDtFN+jEQBfAsGJw+VWCQmOerUWZmFXosBrGKrvS/ZZWbbbJl:MF3x8tFNIG+6OerUWZmFX77rS/DW
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan