smokeloader | 93e3d3a5e40db56efcca4e398968569fde3a813d8806e6bcc203d01c141abf7c | Triage

Sharing

General

Target

93e3d3a5e40db56efcca4e398968569fde3a813d8806e6bcc203d01c141abf7c
Size

319KB
Sample

240504-gggq9shc78
MD5

17188ecbde40131e869f113d9da2be32
SHA1

49331eb981fe52be7700c14b63c2b30b2e31ee3d
SHA256

93e3d3a5e40db56efcca4e398968569fde3a813d8806e6bcc203d01c141abf7c
SHA512

d715f7331eabfb247b9a9785a524ebfb91748e21c28ad2f63e69ecff0e65ae55851dcede9683745644a82fd38fd82d96d3e8bb061c7d8f25559748b88320e67a
SSDEEP

3072:JTN5Tb9vrpqScF8DlYV+6xuCPxuKvvPc50zJy2aDMf4PfBFw+15UIV5CFusKDAm9:rztcKWVNumvPhzJgDa4PfBv1iisK0

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  93e3d3a5e40db56efcca4e398968569fde3a813d8806e6bcc203d01c141abf7c
- Size
  
  319KB
- MD5
  
  17188ecbde40131e869f113d9da2be32
- SHA1
  
  49331eb981fe52be7700c14b63c2b30b2e31ee3d
- SHA256
  
  93e3d3a5e40db56efcca4e398968569fde3a813d8806e6bcc203d01c141abf7c
- SHA512
  
  d715f7331eabfb247b9a9785a524ebfb91748e21c28ad2f63e69ecff0e65ae55851dcede9683745644a82fd38fd82d96d3e8bb061c7d8f25559748b88320e67a
- SSDEEP
  
  3072:JTN5Tb9vrpqScF8DlYV+6xuCPxuKvvPc50zJy2aDMf4PfBFw+15UIV5CFusKDAm9:rztcKWVNumvPhzJgDa4PfBv1iisK0
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan