smokeloader | 3884cef0375b432baede37dc31499c5cd4bbf1ec2c3fd6c263ac35d02558b0aa | Triage

Sharing

General

Target

3884cef0375b432baede37dc31499c5cd4bbf1ec2c3fd6c263ac35d02558b0aa
Size

266KB
Sample

240430-ynzn4aeg91
MD5

e90b8fcf042df895b82dc773b7a56981
SHA1

7c43a268e08d2a9ad0af528d7a24cbb343083d28
SHA256

3884cef0375b432baede37dc31499c5cd4bbf1ec2c3fd6c263ac35d02558b0aa
SHA512

246b6a9264e3e42583e344ae94db458174507abaa072adfbc2fe5ead5a4e2e09fbdcdf368ae02b29eea2316777648630615aaa1a2ce1363ad1071c5e58748b24
SSDEEP

3072:GI1vETfpugQd5+c+gT0A5Wo4G6slcU6xEESJeiGSHNrQsvBzX8DZci0L2XgVwU:GlDjc5agTW+6enHbRv1X8DZk2w

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  3884cef0375b432baede37dc31499c5cd4bbf1ec2c3fd6c263ac35d02558b0aa
- Size
  
  266KB
- MD5
  
  e90b8fcf042df895b82dc773b7a56981
- SHA1
  
  7c43a268e08d2a9ad0af528d7a24cbb343083d28
- SHA256
  
  3884cef0375b432baede37dc31499c5cd4bbf1ec2c3fd6c263ac35d02558b0aa
- SHA512
  
  246b6a9264e3e42583e344ae94db458174507abaa072adfbc2fe5ead5a4e2e09fbdcdf368ae02b29eea2316777648630615aaa1a2ce1363ad1071c5e58748b24
- SSDEEP
  
  3072:GI1vETfpugQd5+c+gT0A5Wo4G6slcU6xEESJeiGSHNrQsvBzX8DZci0L2XgVwU:GlDjc5agTW+6enHbRv1X8DZk2w
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan