smokeloader | 603ca6b962a0545bcc4e06308d6e68cd771d535fb34b45960f7242dc855941e6 | Triage

Sharing

General

Target

603ca6b962a0545bcc4e06308d6e68cd771d535fb34b45960f7242dc855941e6
Size

236KB
Sample

240507-strmsafd36
MD5

0be195eb467b67e6c00bc5e88821d5ac
SHA1

d77634b84160ee79e8838a0c6c32a87fbfdd4b8f
SHA256

603ca6b962a0545bcc4e06308d6e68cd771d535fb34b45960f7242dc855941e6
SHA512

a20b8b8d705d1366431e5386cead3a0ab41b7bb6b506ad745773aa3cd528f54b0cd155502919c82e7d6f972e64c4e7bb1fa04909cf9eb9703949cb75de046c2f
SSDEEP

3072:4/n08fMjzVnoZHkVGZMWaM75Fc8zDhLU:I3fMjzhkHkwZJaMf7hw

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  603ca6b962a0545bcc4e06308d6e68cd771d535fb34b45960f7242dc855941e6
- Size
  
  236KB
- MD5
  
  0be195eb467b67e6c00bc5e88821d5ac
- SHA1
  
  d77634b84160ee79e8838a0c6c32a87fbfdd4b8f
- SHA256
  
  603ca6b962a0545bcc4e06308d6e68cd771d535fb34b45960f7242dc855941e6
- SHA512
  
  a20b8b8d705d1366431e5386cead3a0ab41b7bb6b506ad745773aa3cd528f54b0cd155502919c82e7d6f972e64c4e7bb1fa04909cf9eb9703949cb75de046c2f
- SSDEEP
  
  3072:4/n08fMjzVnoZHkVGZMWaM75Fc8zDhLU:I3fMjzhkHkwZJaMf7hw
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan