smokeloader | 800e637ce31be2168b42887a1f4abe88f0a6745f3c64c0d245534e8134179e28 | Triage

Sharing

General

Target

4ed158d454e02b40a4d7fc3702cafa10_NeikiAnalytics
Size

211KB
Sample

240512-alk6xsad39
MD5

4ed158d454e02b40a4d7fc3702cafa10
SHA1

12e31b9b14b21fbf7eab615d26c91bf1ca7c769e
SHA256

800e637ce31be2168b42887a1f4abe88f0a6745f3c64c0d245534e8134179e28
SHA512

e277448d24bf5d3c63e0936f9647ca26b8c015846cb63cd95e561dd9e56ff30f32185a21ef2115f1f54dfbf5317cfcd5bf41116d2067ce35ecc707ab3e2f2642
SSDEEP

3072:n/Lq1qtnXDEpGcUDIneQg8Qx5R5IxIvsBkJQlP:nXDEYZX8Qj0deJK

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  4ed158d454e02b40a4d7fc3702cafa10_NeikiAnalytics
- Size
  
  211KB
- MD5
  
  4ed158d454e02b40a4d7fc3702cafa10
- SHA1
  
  12e31b9b14b21fbf7eab615d26c91bf1ca7c769e
- SHA256
  
  800e637ce31be2168b42887a1f4abe88f0a6745f3c64c0d245534e8134179e28
- SHA512
  
  e277448d24bf5d3c63e0936f9647ca26b8c015846cb63cd95e561dd9e56ff30f32185a21ef2115f1f54dfbf5317cfcd5bf41116d2067ce35ecc707ab3e2f2642
- SSDEEP
  
  3072:n/Lq1qtnXDEpGcUDIneQg8Qx5R5IxIvsBkJQlP:nXDEYZX8Qj0deJK
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan