smokeloader | f95c4a9c2b9106af8039629e43ca93d9079dceb7960f49dc77b8ae7a0e3e3c25 | Triage

Sharing

General

Target

f95c4a9c2b9106af8039629e43ca93d9079dceb7960f49dc77b8ae7a0e3e3c25
Size

259KB
Sample

240501-ylzajsfa4t
MD5

d8a73e39f2b56637fa317cdadd6aa35e
SHA1

1fd8d602b58a6c74c0fec737d8a8818bfe21e77e
SHA256

f95c4a9c2b9106af8039629e43ca93d9079dceb7960f49dc77b8ae7a0e3e3c25
SHA512

32706d17566af1e75bcedbd441b38ccb7500a44d288baee820a1547e929467371ce88a130f21713fda3ff199c86ed36ba251b9b2f8e17b675dc9715b98656987
SSDEEP

1536:f6InnEHyf6c3fFp/bUk+GgIysb4PvjRBtmVuh9Dfjc5hVM4Zq7YQM0363B5WmwxE:fPpFpgIyl1jmArku7s5WmwSqg1fd

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  f95c4a9c2b9106af8039629e43ca93d9079dceb7960f49dc77b8ae7a0e3e3c25
- Size
  
  259KB
- MD5
  
  d8a73e39f2b56637fa317cdadd6aa35e
- SHA1
  
  1fd8d602b58a6c74c0fec737d8a8818bfe21e77e
- SHA256
  
  f95c4a9c2b9106af8039629e43ca93d9079dceb7960f49dc77b8ae7a0e3e3c25
- SHA512
  
  32706d17566af1e75bcedbd441b38ccb7500a44d288baee820a1547e929467371ce88a130f21713fda3ff199c86ed36ba251b9b2f8e17b675dc9715b98656987
- SSDEEP
  
  1536:f6InnEHyf6c3fFp/bUk+GgIysb4PvjRBtmVuh9Dfjc5hVM4Zq7YQM0363B5WmwxE:fPpFpgIyl1jmArku7s5WmwSqg1fd
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan