smokeloader | 37316eae376e8e8c5281b5016d2ab4a65b0201ed139edef72ac4ba102eaf41cb | Triage

Sharing

General

Target

37316eae376e8e8c5281b5016d2ab4a65b0201ed139edef72ac4ba102eaf41cb
Size

260KB
Sample

240501-zck71aga4t
MD5

cf2a49424928afff26947ff8ad128f77
SHA1

8cdf0834e2d1cae732c76e37f6058ebf37e06aa4
SHA256

37316eae376e8e8c5281b5016d2ab4a65b0201ed139edef72ac4ba102eaf41cb
SHA512

6924ea2c5bcb0a3371405e9bf0d0166d512f839be0310d723b21e1acf8e6e7232857e20af800d1331c38f40bbe27a02c4145e661ed6da350a486ad7f1301ba49
SSDEEP

3072:pKiFvLSL/49UZk0knpguCKZo5BHWt884dg1fd:jtajS0qguCKZcHWt8BuR

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  37316eae376e8e8c5281b5016d2ab4a65b0201ed139edef72ac4ba102eaf41cb
- Size
  
  260KB
- MD5
  
  cf2a49424928afff26947ff8ad128f77
- SHA1
  
  8cdf0834e2d1cae732c76e37f6058ebf37e06aa4
- SHA256
  
  37316eae376e8e8c5281b5016d2ab4a65b0201ed139edef72ac4ba102eaf41cb
- SHA512
  
  6924ea2c5bcb0a3371405e9bf0d0166d512f839be0310d723b21e1acf8e6e7232857e20af800d1331c38f40bbe27a02c4145e661ed6da350a486ad7f1301ba49
- SSDEEP
  
  3072:pKiFvLSL/49UZk0knpguCKZo5BHWt884dg1fd:jtajS0qguCKZcHWt8BuR
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan