smokeloader | 6f08fe6b9aa1a010730880f4ad0134000a5a61caddace0cf6f83f1f2d56bb43c | Triage

Sharing

General

Target

6f08fe6b9aa1a010730880f4ad0134000a5a61caddace0cf6f83f1f2d56bb43c
Size

240KB
Sample

240512-kr93cagh3v
MD5

a4c6e4d0eca38cdd70eaa3f9a20f030c
SHA1

ccea1c6371fa88bd2ebe3c56d321e4cb931b0c4b
SHA256

6f08fe6b9aa1a010730880f4ad0134000a5a61caddace0cf6f83f1f2d56bb43c
SHA512

78a9e71c3e49e8bb62f8efd47f60c61d4d1366666d682d90274e27dee49cb450f1210ca4d6bf5b55b9ab1ffd1c53bb8c086e1a71fc2e757044029bf550b2adfe
SSDEEP

3072:zk++qmoe3Fm7X9pgViMsGW+amEFiIT5De9rqpXoCj5fjQx4rBrQOoqjR6mJN6:zmkOocWCIdS9OpXok5bAOVRD

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  6f08fe6b9aa1a010730880f4ad0134000a5a61caddace0cf6f83f1f2d56bb43c
- Size
  
  240KB
- MD5
  
  a4c6e4d0eca38cdd70eaa3f9a20f030c
- SHA1
  
  ccea1c6371fa88bd2ebe3c56d321e4cb931b0c4b
- SHA256
  
  6f08fe6b9aa1a010730880f4ad0134000a5a61caddace0cf6f83f1f2d56bb43c
- SHA512
  
  78a9e71c3e49e8bb62f8efd47f60c61d4d1366666d682d90274e27dee49cb450f1210ca4d6bf5b55b9ab1ffd1c53bb8c086e1a71fc2e757044029bf550b2adfe
- SSDEEP
  
  3072:zk++qmoe3Fm7X9pgViMsGW+amEFiIT5De9rqpXoCj5fjQx4rBrQOoqjR6mJN6:zmkOocWCIdS9OpXok5bAOVRD
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan