smokeloader | 406ac770e634a8a6c970505dc65db47f6b65f438831d464e7e5cc72f3149eff1 | Triage

Sharing

General

Target

406ac770e634a8a6c970505dc65db47f6b65f438831d464e7e5cc72f3149eff1
Size

326KB
Sample

240504-k1rx5acb95
MD5

fc820ff186a4a2c42686e3c8524138e4
SHA1

256b5c4686c2f1889b642135e96296da75c655d3
SHA256

406ac770e634a8a6c970505dc65db47f6b65f438831d464e7e5cc72f3149eff1
SHA512

3aeb0a0b18210e28c56ba79f68c7076d901d4881704d846e90117636b329e9d34160471604ceb256ad4e6455caae8ab14fe5b386d50593f7e084f45021b45d3f
SSDEEP

6144:CRsiABN4kQVasU64xPTClvXEkUJsxsb/i:CRs9N4kQVasUvTClvqhb/i

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  406ac770e634a8a6c970505dc65db47f6b65f438831d464e7e5cc72f3149eff1
- Size
  
  326KB
- MD5
  
  fc820ff186a4a2c42686e3c8524138e4
- SHA1
  
  256b5c4686c2f1889b642135e96296da75c655d3
- SHA256
  
  406ac770e634a8a6c970505dc65db47f6b65f438831d464e7e5cc72f3149eff1
- SHA512
  
  3aeb0a0b18210e28c56ba79f68c7076d901d4881704d846e90117636b329e9d34160471604ceb256ad4e6455caae8ab14fe5b386d50593f7e084f45021b45d3f
- SSDEEP
  
  6144:CRsiABN4kQVasU64xPTClvXEkUJsxsb/i:CRs9N4kQVasUvTClvqhb/i
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan