smokeloader | 01dc2ca45ddafb68f6d74f25aaee5b6c72b6b58ad3c62b2bde671fc79921a690 | Triage

Sharing

General

Target

01dc2ca45ddafb68f6d74f25aaee5b6c72b6b58ad3c62b2bde671fc79921a690
Size

239KB
Sample

240512-accs7afb3v
MD5

7a735c6ee7721f28f42936bc2b218eaf
SHA1

b6ef97ffb381629fd9521586b222a896b634af48
SHA256

01dc2ca45ddafb68f6d74f25aaee5b6c72b6b58ad3c62b2bde671fc79921a690
SHA512

2e240ab206f7846ec013c6bf70e9b827f423c85dfdfab21454f7984c44d4434e9bcdeb0156cc69d27e0698b0bac9621e352201974ca83caf2efd27351044dbc2
SSDEEP

6144:dHTPsk5tiDEEEEEBxesEpzDF7r3AZ8Cx:dHTkk5tiyesE34Z

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  01dc2ca45ddafb68f6d74f25aaee5b6c72b6b58ad3c62b2bde671fc79921a690
- Size
  
  239KB
- MD5
  
  7a735c6ee7721f28f42936bc2b218eaf
- SHA1
  
  b6ef97ffb381629fd9521586b222a896b634af48
- SHA256
  
  01dc2ca45ddafb68f6d74f25aaee5b6c72b6b58ad3c62b2bde671fc79921a690
- SHA512
  
  2e240ab206f7846ec013c6bf70e9b827f423c85dfdfab21454f7984c44d4434e9bcdeb0156cc69d27e0698b0bac9621e352201974ca83caf2efd27351044dbc2
- SSDEEP
  
  6144:dHTPsk5tiDEEEEEBxesEpzDF7r3AZ8Cx:dHTkk5tiyesE34Z
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan