smokeloader | 4f792ce3a467572688a6aa4b389254b860fa79bcda9142af0be0e94c8eda8f93 | Triage

Sharing

General

Target

4f792ce3a467572688a6aa4b389254b860fa79bcda9142af0be0e94c8eda8f93
Size

208KB
Sample

240507-fzbgjaea52
MD5

c0a0fbc6485f4545d0914ddff5fd8ed0
SHA1

56dbd199dd4f31fdc9db8782c4817a49bc28b429
SHA256

4f792ce3a467572688a6aa4b389254b860fa79bcda9142af0be0e94c8eda8f93
SHA512

ee208aefeb55b998d245609957e677bd8c3ab049f1d844efc283d25e8c7913fbd1ee5277e41a05bf00bc1eed92f78db3feeef1e745fac35e01c0e5077b7b9dea
SSDEEP

3072:Bw1Y91VV3eJI1g9BIwuk7znyX/8BcB5RDLTcZ1:gY91zYggEuznS9TcZ

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  4f792ce3a467572688a6aa4b389254b860fa79bcda9142af0be0e94c8eda8f93
- Size
  
  208KB
- MD5
  
  c0a0fbc6485f4545d0914ddff5fd8ed0
- SHA1
  
  56dbd199dd4f31fdc9db8782c4817a49bc28b429
- SHA256
  
  4f792ce3a467572688a6aa4b389254b860fa79bcda9142af0be0e94c8eda8f93
- SHA512
  
  ee208aefeb55b998d245609957e677bd8c3ab049f1d844efc283d25e8c7913fbd1ee5277e41a05bf00bc1eed92f78db3feeef1e745fac35e01c0e5077b7b9dea
- SSDEEP
  
  3072:Bw1Y91VV3eJI1g9BIwuk7znyX/8BcB5RDLTcZ1:gY91zYggEuznS9TcZ
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan