smokeloader | aadb1a10e0da6867870433ffc89c9094a6962d924f863457a7009ae428102447 | Triage

Sharing

General

Target

aadb1a10e0da6867870433ffc89c9094a6962d924f863457a7009ae428102447
Size

266KB
Sample

240430-p2ereafc9v
MD5

d9259a2009dbf09ff11369a22cec6a43
SHA1

9baea3ea35d4b7f7e13421bbc77279323f416c3f
SHA256

aadb1a10e0da6867870433ffc89c9094a6962d924f863457a7009ae428102447
SHA512

d1c87709545b75ca0cdc00ac2d1ccc25b026e98358d30e1fee394980a3f1b1c02315cee3204e946781993b61bfa438320bf2b428d482d7a2515959ce8d2cd48c
SSDEEP

3072:PZ3M/j9pgmSPfx+zH+gT0dY6kQGcgEurz+glKb5y6kk6lVRL4u3BXnwbbJZ:uh3UfxvgTPRcgEuNlUyxvVJ4uxX

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  aadb1a10e0da6867870433ffc89c9094a6962d924f863457a7009ae428102447
- Size
  
  266KB
- MD5
  
  d9259a2009dbf09ff11369a22cec6a43
- SHA1
  
  9baea3ea35d4b7f7e13421bbc77279323f416c3f
- SHA256
  
  aadb1a10e0da6867870433ffc89c9094a6962d924f863457a7009ae428102447
- SHA512
  
  d1c87709545b75ca0cdc00ac2d1ccc25b026e98358d30e1fee394980a3f1b1c02315cee3204e946781993b61bfa438320bf2b428d482d7a2515959ce8d2cd48c
- SSDEEP
  
  3072:PZ3M/j9pgmSPfx+zH+gT0dY6kQGcgEurz+glKb5y6kk6lVRL4u3BXnwbbJZ:uh3UfxvgTPRcgEuNlUyxvVJ4uxX
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan