smokeloader | 008f95e2037dac0572fd8192ed2b21ab163ea27a992a89505d223c1009d197c4 | Triage

Sharing

General

Target

008f95e2037dac0572fd8192ed2b21ab163ea27a992a89505d223c1009d197c4
Size

230KB
Sample

240510-fta9ksgc24
MD5

fe84e3bb30140ff4ecc9bb9be04aea6a
SHA1

6d38eeceb6fd0eb75272a3ea0a6d7d8460426a64
SHA256

008f95e2037dac0572fd8192ed2b21ab163ea27a992a89505d223c1009d197c4
SHA512

c93ee3b19b48b9c5ba42101ef56f961c512602beea24065468c9e553184478bb35dedf416c6859e1003ef6bc709e6805fe594ed925f43ee9ce07a5b789a2c01f
SSDEEP

3072:Y1pHpqaR1g+ezouETg+1FUR/lKbkLPxy0LnHDzR9J6kZKx1nR635ebP/DOT6yP:Y1lR1rUxFz807f0j1nUMKTx

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  008f95e2037dac0572fd8192ed2b21ab163ea27a992a89505d223c1009d197c4
- Size
  
  230KB
- MD5
  
  fe84e3bb30140ff4ecc9bb9be04aea6a
- SHA1
  
  6d38eeceb6fd0eb75272a3ea0a6d7d8460426a64
- SHA256
  
  008f95e2037dac0572fd8192ed2b21ab163ea27a992a89505d223c1009d197c4
- SHA512
  
  c93ee3b19b48b9c5ba42101ef56f961c512602beea24065468c9e553184478bb35dedf416c6859e1003ef6bc709e6805fe594ed925f43ee9ce07a5b789a2c01f
- SSDEEP
  
  3072:Y1pHpqaR1g+ezouETg+1FUR/lKbkLPxy0LnHDzR9J6kZKx1nR635ebP/DOT6yP:Y1lR1rUxFz807f0j1nUMKTx
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan