smokeloader | 26c4292572bafad83c4b2d6f9a78661e8cbc03ff87b1ed90608cbade6f72381c | Triage

Sharing

General

Target

26c4292572bafad83c4b2d6f9a78661e8cbc03ff87b1ed90608cbade6f72381c
Size

239KB
Sample

240512-h25t9she58
MD5

3d0675c5714ecb295c32d791f3c5b284
SHA1

f1294de31d83d3779d05c68cb0d9e429e8502c38
SHA256

26c4292572bafad83c4b2d6f9a78661e8cbc03ff87b1ed90608cbade6f72381c
SHA512

f3ea917e1a4ab78adcd2cc30fee514e00e424847ead6b22e5853635f52b1d84d659611d2aea06022fe2356b0b1bf40e422d4cec2edfd9ca882b77d8a6549bfc5
SSDEEP

3072:tjkBtfJGEzB8pGAMXkaFl/+N15MV/6fjHMNmfwZ5+Kj/6Ghds9ySPeyd6:tc/MwAMU+/HyYmqCGiySPj

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  26c4292572bafad83c4b2d6f9a78661e8cbc03ff87b1ed90608cbade6f72381c
- Size
  
  239KB
- MD5
  
  3d0675c5714ecb295c32d791f3c5b284
- SHA1
  
  f1294de31d83d3779d05c68cb0d9e429e8502c38
- SHA256
  
  26c4292572bafad83c4b2d6f9a78661e8cbc03ff87b1ed90608cbade6f72381c
- SHA512
  
  f3ea917e1a4ab78adcd2cc30fee514e00e424847ead6b22e5853635f52b1d84d659611d2aea06022fe2356b0b1bf40e422d4cec2edfd9ca882b77d8a6549bfc5
- SSDEEP
  
  3072:tjkBtfJGEzB8pGAMXkaFl/+N15MV/6fjHMNmfwZ5+Kj/6Ghds9ySPeyd6:tc/MwAMU+/HyYmqCGiySPj
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan