smokeloader | 9f65917bbff339bc90f945fd203bc523484cedec018a480206a2cf35f9f91b15 | Triage

Sharing

General

Target

9f65917bbff339bc90f945fd203bc523484cedec018a480206a2cf35f9f91b15
Size

241KB
Sample

240512-js6wmsag65
MD5

b46ebd6e43ff803d40666c1c2f85c32f
SHA1

c9601fbca28b160103d0323d1f9bdc819955aa8d
SHA256

9f65917bbff339bc90f945fd203bc523484cedec018a480206a2cf35f9f91b15
SHA512

ab5f7a1938976f6e82851fca53f943ba74784272be166abb61ba3c630e1f252b222e9072ca41d74e83f07cdfd56511265bc6c348aa9ccaa76ed229ad191e5cfa
SSDEEP

3072:qMZuV9fK7e5LZ/pP3P6LRfW+Xx0V8JLe2ATpkbfG+nqXQCYQJ03iTReGjLuMGgql:qLKwtSBWAlNAT2beQCYQJ0SHuRlyj

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  9f65917bbff339bc90f945fd203bc523484cedec018a480206a2cf35f9f91b15
- Size
  
  241KB
- MD5
  
  b46ebd6e43ff803d40666c1c2f85c32f
- SHA1
  
  c9601fbca28b160103d0323d1f9bdc819955aa8d
- SHA256
  
  9f65917bbff339bc90f945fd203bc523484cedec018a480206a2cf35f9f91b15
- SHA512
  
  ab5f7a1938976f6e82851fca53f943ba74784272be166abb61ba3c630e1f252b222e9072ca41d74e83f07cdfd56511265bc6c348aa9ccaa76ed229ad191e5cfa
- SSDEEP
  
  3072:qMZuV9fK7e5LZ/pP3P6LRfW+Xx0V8JLe2ATpkbfG+nqXQCYQJ03iTReGjLuMGgql:qLKwtSBWAlNAT2beQCYQJ0SHuRlyj
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan