smokeloader | 3c361332f7495649e190dc3a8f813b4018072d0c4851d36e761dee3ed1bc0673 | Triage

Sharing

General

Target

3c361332f7495649e190dc3a8f813b4018072d0c4851d36e761dee3ed1bc0673
Size

327KB
Sample

240504-rrz1psbd37
MD5

39dc8753d2d8c930c0059b4b17a2bb8f
SHA1

2495ea80d4a82b85974ade573dc5c2fc1bfacafa
SHA256

3c361332f7495649e190dc3a8f813b4018072d0c4851d36e761dee3ed1bc0673
SHA512

fb9c6a30bec2cf63fc139f07a40b87cb6a05295ed0b7d7d13593797c478b46debbfadbad4e07ddef2a1f4a54c857c3bc8e94ecceb01e21f5a5a98f672f565360
SSDEEP

6144:Zsp2szp401dHupk/5XfEH8XbUVgTJi8qVcpjKRqBQ9:Zsp7p401UpMXY8XTCcp2sC

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  3c361332f7495649e190dc3a8f813b4018072d0c4851d36e761dee3ed1bc0673
- Size
  
  327KB
- MD5
  
  39dc8753d2d8c930c0059b4b17a2bb8f
- SHA1
  
  2495ea80d4a82b85974ade573dc5c2fc1bfacafa
- SHA256
  
  3c361332f7495649e190dc3a8f813b4018072d0c4851d36e761dee3ed1bc0673
- SHA512
  
  fb9c6a30bec2cf63fc139f07a40b87cb6a05295ed0b7d7d13593797c478b46debbfadbad4e07ddef2a1f4a54c857c3bc8e94ecceb01e21f5a5a98f672f565360
- SSDEEP
  
  6144:Zsp2szp401dHupk/5XfEH8XbUVgTJi8qVcpjKRqBQ9:Zsp7p401UpMXY8XTCcp2sC
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan