smokeloader | dbe27294b6ae247afb35d24b28e068b27060c406271e4642497345a2d33e78de | Triage

Sharing

General

Target

dbe27294b6ae247afb35d24b28e068b27060c406271e4642497345a2d33e78de
Size

326KB
Sample

240504-tyslbabb7x
MD5

b2ad8544791a609b9391012d795d55f5
SHA1

6908343efa9c9472e422b68ee78b84ba9aedd580
SHA256

dbe27294b6ae247afb35d24b28e068b27060c406271e4642497345a2d33e78de
SHA512

4544c6d830d1a6a67c71f0c8859e5fdde3c18f50f87166a774073371b94440edc79f3ccc44479bf149ebe546434a6623724a3f94671aeee3df0cc8ab07e68ad4
SSDEEP

3072:BBRp/wQVTpdQz5XDDlc400+ZeHpBTcOyyQKxD6nXNcB+AgFhYsLxhLOCmMMK/pjr:T3c5n2400bHZQP91AEh1FROpjKRqBQe

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  dbe27294b6ae247afb35d24b28e068b27060c406271e4642497345a2d33e78de
- Size
  
  326KB
- MD5
  
  b2ad8544791a609b9391012d795d55f5
- SHA1
  
  6908343efa9c9472e422b68ee78b84ba9aedd580
- SHA256
  
  dbe27294b6ae247afb35d24b28e068b27060c406271e4642497345a2d33e78de
- SHA512
  
  4544c6d830d1a6a67c71f0c8859e5fdde3c18f50f87166a774073371b94440edc79f3ccc44479bf149ebe546434a6623724a3f94671aeee3df0cc8ab07e68ad4
- SSDEEP
  
  3072:BBRp/wQVTpdQz5XDDlc400+ZeHpBTcOyyQKxD6nXNcB+AgFhYsLxhLOCmMMK/pjr:T3c5n2400bHZQP91AEh1FROpjKRqBQe
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan