smokeloader | b0ea8246dab704d0cf17b8ead642eb46d5670b3de12014fa39f1bfbbb42c1224 | Triage

Sharing

General

Target

b0ea8246dab704d0cf17b8ead642eb46d5670b3de12014fa39f1bfbbb42c1224
Size

238KB
Sample

240507-pl8dsaff3w
MD5

12954c2dd02032d1df536289f8512bc5
SHA1

5d327952d94d62de973b234830fd7012423ad400
SHA256

b0ea8246dab704d0cf17b8ead642eb46d5670b3de12014fa39f1bfbbb42c1224
SHA512

1dfedc504f73ca5f2acd3304a6ace243a7d9897b589cdade716cae91c6b1aaa4d06fecff4143797fc7a899d1fc66b06b7cfe075654fe389e270bcd2ab13ad6bc
SSDEEP

3072:tqKqZAk1RAYj/BCRUtUiLLrV51/I4hLU:raAkxsUtFhw

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  b0ea8246dab704d0cf17b8ead642eb46d5670b3de12014fa39f1bfbbb42c1224
- Size
  
  238KB
- MD5
  
  12954c2dd02032d1df536289f8512bc5
- SHA1
  
  5d327952d94d62de973b234830fd7012423ad400
- SHA256
  
  b0ea8246dab704d0cf17b8ead642eb46d5670b3de12014fa39f1bfbbb42c1224
- SHA512
  
  1dfedc504f73ca5f2acd3304a6ace243a7d9897b589cdade716cae91c6b1aaa4d06fecff4143797fc7a899d1fc66b06b7cfe075654fe389e270bcd2ab13ad6bc
- SSDEEP
  
  3072:tqKqZAk1RAYj/BCRUtUiLLrV51/I4hLU:raAkxsUtFhw
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan