smokeloader | acf2401e2f14b610ce4c599db737ca76b2616528d4a5019591d6ec0216cedf4a | Triage

Sharing

General

Target

acf2401e2f14b610ce4c599db737ca76b2616528d4a5019591d6ec0216cedf4a
Size

245KB
Sample

240511-nw95pahe68
MD5

5027bf6f527fcdb5e308fddf400c7ae5
SHA1

9f042b51c24ccc207bd4a8fe6e523cc66e22f5bf
SHA256

acf2401e2f14b610ce4c599db737ca76b2616528d4a5019591d6ec0216cedf4a
SHA512

559eea3374f26876e3da4058a5645dde81bdbdc6df65811736b164b5c689d1c5fa401412846b1a83dc7278cf09ace9d5da92d4a6ff3d98275d175041a0e06fd8
SSDEEP

6144:mQseyhZJjgWZ1VuPGH++0A1LRECMxGlT:mQseMjgOnmGHj06WCD

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  acf2401e2f14b610ce4c599db737ca76b2616528d4a5019591d6ec0216cedf4a
- Size
  
  245KB
- MD5
  
  5027bf6f527fcdb5e308fddf400c7ae5
- SHA1
  
  9f042b51c24ccc207bd4a8fe6e523cc66e22f5bf
- SHA256
  
  acf2401e2f14b610ce4c599db737ca76b2616528d4a5019591d6ec0216cedf4a
- SHA512
  
  559eea3374f26876e3da4058a5645dde81bdbdc6df65811736b164b5c689d1c5fa401412846b1a83dc7278cf09ace9d5da92d4a6ff3d98275d175041a0e06fd8
- SSDEEP
  
  6144:mQseyhZJjgWZ1VuPGH++0A1LRECMxGlT:mQseMjgOnmGHj06WCD
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan