smokeloader | 418e1eee0fe07cd94dfff0d8e824352a74cd1c1bd824b520069349c344484cd3 | Triage

Sharing

General

Target

418e1eee0fe07cd94dfff0d8e824352a74cd1c1bd824b520069349c344484cd3
Size

271KB
Sample

240502-h3n8xacb2x
MD5

e1c9e1bd467938c53760d1fdef94d864
SHA1

0ca65fe915c83dd75de82aae4c3cfee913d4f285
SHA256

418e1eee0fe07cd94dfff0d8e824352a74cd1c1bd824b520069349c344484cd3
SHA512

b97277ae09962bfd7c32e9d3c42639acfe9d6d68da6d59c145a881d43b515af911400e4d86a4aa2abed180111ae50e467dfde573459e9c9007c228404998a82a
SSDEEP

3072:z+thY6CfptTqAq5+NAL+0ud9qPCdWASAvIgQR4APNp+MOFYai+0EPbDCeBS:qSZnmP5mVM94APNsMoYkpP

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  418e1eee0fe07cd94dfff0d8e824352a74cd1c1bd824b520069349c344484cd3
- Size
  
  271KB
- MD5
  
  e1c9e1bd467938c53760d1fdef94d864
- SHA1
  
  0ca65fe915c83dd75de82aae4c3cfee913d4f285
- SHA256
  
  418e1eee0fe07cd94dfff0d8e824352a74cd1c1bd824b520069349c344484cd3
- SHA512
  
  b97277ae09962bfd7c32e9d3c42639acfe9d6d68da6d59c145a881d43b515af911400e4d86a4aa2abed180111ae50e467dfde573459e9c9007c228404998a82a
- SSDEEP
  
  3072:z+thY6CfptTqAq5+NAL+0ud9qPCdWASAvIgQR4APNp+MOFYai+0EPbDCeBS:qSZnmP5mVM94APNsMoYkpP
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan