smokeloader | 295f0e7a66ddc07476d398e3101ae6d8bbb4ee10c446f1e4f1baea402f0c1eb6 | Triage

Sharing

General

Target

295f0e7a66ddc07476d398e3101ae6d8bbb4ee10c446f1e4f1baea402f0c1eb6
Size

208KB
Sample

240507-h3m1vahc75
MD5

93fb95cc6b126feb4d6fc30245039420
SHA1

447357877e00da3726f0c2fa6e73d741945d3384
SHA256

295f0e7a66ddc07476d398e3101ae6d8bbb4ee10c446f1e4f1baea402f0c1eb6
SHA512

2e8c521f0c38b0669e16e199039bd43b7aa5df333e35c62c85734e60753834fade4f122c0a2617427c057b7a1a823fd98a7ae99bef22f22d6fc2cc7d611761f0
SSDEEP

1536:iunajAU5q9j7ykjMY9PdqRKHuf29r+lBpZlfEFrrw1lsRAh/k4615BVOmFRhErmo:iwQY9lqKuei7pgFQ3so/7w5BJFRh2

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  295f0e7a66ddc07476d398e3101ae6d8bbb4ee10c446f1e4f1baea402f0c1eb6
- Size
  
  208KB
- MD5
  
  93fb95cc6b126feb4d6fc30245039420
- SHA1
  
  447357877e00da3726f0c2fa6e73d741945d3384
- SHA256
  
  295f0e7a66ddc07476d398e3101ae6d8bbb4ee10c446f1e4f1baea402f0c1eb6
- SHA512
  
  2e8c521f0c38b0669e16e199039bd43b7aa5df333e35c62c85734e60753834fade4f122c0a2617427c057b7a1a823fd98a7ae99bef22f22d6fc2cc7d611761f0
- SSDEEP
  
  1536:iunajAU5q9j7ykjMY9PdqRKHuf29r+lBpZlfEFrrw1lsRAh/k4615BVOmFRhErmo:iwQY9lqKuei7pgFQ3so/7w5BJFRh2
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan