smokeloader | 5f82444a28a7f509efe9efa1268053459d14f984821bddccca458746af1c6df8 | Triage

Sharing

General

Target

5f82444a28a7f509efe9efa1268053459d14f984821bddccca458746af1c6df8
Size

245KB
Sample

240511-rsqhnabe9t
MD5

7a935d250ae52e8b79baef8959b49d2a
SHA1

bea9f5f91134bd0ad8ba0b5933361bb77e8412a9
SHA256

5f82444a28a7f509efe9efa1268053459d14f984821bddccca458746af1c6df8
SHA512

182cdcc9b63ab57e9dad0c9eed3541e5264982f9d247b8286eed53ccb0791bca0f63f24df21326c8d4faa7b16f7c2bf793886eb6f04d1fb8bd85fbb92ccde55c
SSDEEP

3072:qXk6Xf4Nhxwp1eXk4oF+C17RSyZoa0Zx/nDyym3d1x16rEa+3hA9O/KLTL6:q7v3HBDpSna0Zx/n+dT6p4hA4yLT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  5f82444a28a7f509efe9efa1268053459d14f984821bddccca458746af1c6df8
- Size
  
  245KB
- MD5
  
  7a935d250ae52e8b79baef8959b49d2a
- SHA1
  
  bea9f5f91134bd0ad8ba0b5933361bb77e8412a9
- SHA256
  
  5f82444a28a7f509efe9efa1268053459d14f984821bddccca458746af1c6df8
- SHA512
  
  182cdcc9b63ab57e9dad0c9eed3541e5264982f9d247b8286eed53ccb0791bca0f63f24df21326c8d4faa7b16f7c2bf793886eb6f04d1fb8bd85fbb92ccde55c
- SSDEEP
  
  3072:qXk6Xf4Nhxwp1eXk4oF+C17RSyZoa0Zx/nDyym3d1x16rEa+3hA9O/KLTL6:q7v3HBDpSna0Zx/n+dT6p4hA4yLT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan