smokeloader | bb6be60a9c5ceeafe4132db6815312e1895b12cdf2bd076eb91f01fa0048c87d | Triage

Sharing

General

Target

bb6be60a9c5ceeafe4132db6815312e1895b12cdf2bd076eb91f01fa0048c87d
Size

245KB
Sample

240511-1ph4vadd94
MD5

a3eeff714d5bb923a7dcd61451c048f2
SHA1

e47e9597003a2c28ccccec610753641f55e70f3a
SHA256

bb6be60a9c5ceeafe4132db6815312e1895b12cdf2bd076eb91f01fa0048c87d
SHA512

e850661214d31b43bfca1b696cd866e1a14172d19e52e79d647e6c830eb0010d93cc22fd5791f061348aa965569f4ad8079563a425d20850eb4c2f62f0131954
SSDEEP

3072:Gk6Jst2BZBpRJY5YNtZ+Y1h67EAjE89sStQHCZ/FnwuQfPjpkyLTL6:Gksz4KPHJ8n9sStQiZBQz6UT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  bb6be60a9c5ceeafe4132db6815312e1895b12cdf2bd076eb91f01fa0048c87d
- Size
  
  245KB
- MD5
  
  a3eeff714d5bb923a7dcd61451c048f2
- SHA1
  
  e47e9597003a2c28ccccec610753641f55e70f3a
- SHA256
  
  bb6be60a9c5ceeafe4132db6815312e1895b12cdf2bd076eb91f01fa0048c87d
- SHA512
  
  e850661214d31b43bfca1b696cd866e1a14172d19e52e79d647e6c830eb0010d93cc22fd5791f061348aa965569f4ad8079563a425d20850eb4c2f62f0131954
- SSDEEP
  
  3072:Gk6Jst2BZBpRJY5YNtZ+Y1h67EAjE89sStQHCZ/FnwuQfPjpkyLTL6:Gksz4KPHJ8n9sStQiZBQz6UT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan