smokeloader | b0ea010cb6bace74fa6799207d43fc4e467e90384b8d4b85a8f7cb3e15e9078e | Triage

Sharing

General

Target

b0ea010cb6bace74fa6799207d43fc4e467e90384b8d4b85a8f7cb3e15e9078e
Size

264KB
Sample

240430-ybxnzaef3w
MD5

277b3fc41a104f06ac5863fb781ca8bd
SHA1

85278167f87be1a463559c761ca4c39555f8df28
SHA256

b0ea010cb6bace74fa6799207d43fc4e467e90384b8d4b85a8f7cb3e15e9078e
SHA512

be12a11a74b7b4445146a183bba6a5d7518f8565f2ccb701e16913606fbce80eaba5b89e14cd2548fbf57650c1d492e38eee032ebeafa9ee4a1e99ac45946e58
SSDEEP

3072:YG6+jvepBWW6F+9+gT0MV/CV0gqBMlreEyUJ1njtsiI7qs0uwhHHgVwU:Y+mG1FBgT/I0vBMliEyUVspWs09a

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  b0ea010cb6bace74fa6799207d43fc4e467e90384b8d4b85a8f7cb3e15e9078e
- Size
  
  264KB
- MD5
  
  277b3fc41a104f06ac5863fb781ca8bd
- SHA1
  
  85278167f87be1a463559c761ca4c39555f8df28
- SHA256
  
  b0ea010cb6bace74fa6799207d43fc4e467e90384b8d4b85a8f7cb3e15e9078e
- SHA512
  
  be12a11a74b7b4445146a183bba6a5d7518f8565f2ccb701e16913606fbce80eaba5b89e14cd2548fbf57650c1d492e38eee032ebeafa9ee4a1e99ac45946e58
- SSDEEP
  
  3072:YG6+jvepBWW6F+9+gT0MV/CV0gqBMlreEyUJ1njtsiI7qs0uwhHHgVwU:Y+mG1FBgT/I0vBMliEyUVspWs09a
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan