smokeloader | 1995819fcd9d420d3aa920cda5a9148fd3022f1cc89c069001695b9a5bec3fa4 | Triage

Sharing

General

Target

1995819fcd9d420d3aa920cda5a9148fd3022f1cc89c069001695b9a5bec3fa4
Size

231KB
Sample

240509-ge125aga39
MD5

3cd98853c39c30a55cca34924310ca7b
SHA1

3ec887940429cc63d29310cc24691f5eec777d30
SHA256

1995819fcd9d420d3aa920cda5a9148fd3022f1cc89c069001695b9a5bec3fa4
SHA512

0438b40ec356b18324199f2f97428bd5b37674fa49525975229d5e18fef499e2a864934fe68c7927f74020e4bf816ffac534dfa3e73b21651be8163e1f03cb3f
SSDEEP

3072:dd1oPeBiraH5wSmf7WIcr+5VG6HsBkJQlM:P1oP/u+er0MeJK

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  1995819fcd9d420d3aa920cda5a9148fd3022f1cc89c069001695b9a5bec3fa4
- Size
  
  231KB
- MD5
  
  3cd98853c39c30a55cca34924310ca7b
- SHA1
  
  3ec887940429cc63d29310cc24691f5eec777d30
- SHA256
  
  1995819fcd9d420d3aa920cda5a9148fd3022f1cc89c069001695b9a5bec3fa4
- SHA512
  
  0438b40ec356b18324199f2f97428bd5b37674fa49525975229d5e18fef499e2a864934fe68c7927f74020e4bf816ffac534dfa3e73b21651be8163e1f03cb3f
- SSDEEP
  
  3072:dd1oPeBiraH5wSmf7WIcr+5VG6HsBkJQlM:P1oP/u+er0MeJK
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan