smokeloader | e0fa4e39581e2c63df05746fd67c6fc98ab320743e20fd1a3e156cf3cc10eecf | Triage

Sharing

General

Target

e0fa4e39581e2c63df05746fd67c6fc98ab320743e20fd1a3e156cf3cc10eecf
Size

319KB
Sample

240504-g85meahe22
MD5

134b2bd245ea881c5c97c4224385e125
SHA1

781b98c76b0fcb17af6996341540707ee3d35446
SHA256

e0fa4e39581e2c63df05746fd67c6fc98ab320743e20fd1a3e156cf3cc10eecf
SHA512

598e775acd6ae9fa4255f59b82ca790a9f9aef259566f3e308f4e160f41bb20858595c56a9bb6263cf121b030364633da3d35bb3bf086a820b974c7d331487e4
SSDEEP

3072:GmWfCA1P7pqu6/Re18V+yxuCUulVpwRwqtPsGXVzm+nzKbmr15WuFusKOumkiqm:4DZ6ZdV3lnwhtkcVUU1sQb/0

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  e0fa4e39581e2c63df05746fd67c6fc98ab320743e20fd1a3e156cf3cc10eecf
- Size
  
  319KB
- MD5
  
  134b2bd245ea881c5c97c4224385e125
- SHA1
  
  781b98c76b0fcb17af6996341540707ee3d35446
- SHA256
  
  e0fa4e39581e2c63df05746fd67c6fc98ab320743e20fd1a3e156cf3cc10eecf
- SHA512
  
  598e775acd6ae9fa4255f59b82ca790a9f9aef259566f3e308f4e160f41bb20858595c56a9bb6263cf121b030364633da3d35bb3bf086a820b974c7d331487e4
- SSDEEP
  
  3072:GmWfCA1P7pqu6/Re18V+yxuCUulVpwRwqtPsGXVzm+nzKbmr15WuFusKOumkiqm:4DZ6ZdV3lnwhtkcVUU1sQb/0
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan