smokeloader | d28c885d325d55b8b9373609c8f67c714d5273c194e921700152cb0bd69b4064 | Triage

Sharing

General

Target

d28c885d325d55b8b9373609c8f67c714d5273c194e921700152cb0bd69b4064
Size

213KB
Sample

240509-x9ds3sea79
MD5

ad5872ffe20e5a8484c991590920cbcc
SHA1

32f24f043f18122a02364e0ccb91abb35e309161
SHA256

d28c885d325d55b8b9373609c8f67c714d5273c194e921700152cb0bd69b4064
SHA512

c0c10aadb88ca43d95b8af0f7e51d7e153f7d46c7d902a7220f03a5b860fad927deb39d2d8467f5c339fa2eeca4bcb243cb8d7569b52619258fd38ad95bd48f4
SSDEEP

3072:o/BLlqtlN7XTNUmErMj0syv7jAH9gNUr5CkwkxnDY7Yi:hN7XYruzs7kHSNUX

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d28c885d325d55b8b9373609c8f67c714d5273c194e921700152cb0bd69b4064
- Size
  
  213KB
- MD5
  
  ad5872ffe20e5a8484c991590920cbcc
- SHA1
  
  32f24f043f18122a02364e0ccb91abb35e309161
- SHA256
  
  d28c885d325d55b8b9373609c8f67c714d5273c194e921700152cb0bd69b4064
- SHA512
  
  c0c10aadb88ca43d95b8af0f7e51d7e153f7d46c7d902a7220f03a5b860fad927deb39d2d8467f5c339fa2eeca4bcb243cb8d7569b52619258fd38ad95bd48f4
- SSDEEP
  
  3072:o/BLlqtlN7XTNUmErMj0syv7jAH9gNUr5CkwkxnDY7Yi:hN7XYruzs7kHSNUX
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan