smokeloader | 20ac0cbf14865dc7314ac9f6873e9c240c63e010bc84a9c9a19b219cef7e56f6 | Triage

Sharing

General

Target

20ac0cbf14865dc7314ac9f6873e9c240c63e010bc84a9c9a19b219cef7e56f6
Size

236KB
Sample

240507-xx2dlsbc3t
MD5

c66a9c7e9b64a09f04a46f450acdea5e
SHA1

a8fa3a863badb2562d6de70ff4d90d7419ee74b8
SHA256

20ac0cbf14865dc7314ac9f6873e9c240c63e010bc84a9c9a19b219cef7e56f6
SHA512

2bf47ad0faf8803cc02340392a54024b331bbb0abae2b1d3ed9307a7ac9fbedc7659015b2d05be7aef8747e1823c781d55b3535d3cca0396d6caeb2c161d5c6d
SSDEEP

3072:joAmj8w3h/NjF0McWnhTgjSHBRm5Pad3Gb6+:EAmRNrh9hUIWaUb6+

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  20ac0cbf14865dc7314ac9f6873e9c240c63e010bc84a9c9a19b219cef7e56f6
- Size
  
  236KB
- MD5
  
  c66a9c7e9b64a09f04a46f450acdea5e
- SHA1
  
  a8fa3a863badb2562d6de70ff4d90d7419ee74b8
- SHA256
  
  20ac0cbf14865dc7314ac9f6873e9c240c63e010bc84a9c9a19b219cef7e56f6
- SHA512
  
  2bf47ad0faf8803cc02340392a54024b331bbb0abae2b1d3ed9307a7ac9fbedc7659015b2d05be7aef8747e1823c781d55b3535d3cca0396d6caeb2c161d5c6d
- SSDEEP
  
  3072:joAmj8w3h/NjF0McWnhTgjSHBRm5Pad3Gb6+:EAmRNrh9hUIWaUb6+
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan