smokeloader | fc4369c843bf6efd05e876384040fbf63386cd2f8620a511493bc20dc3d78f05 | Triage

Sharing

General

Target

a2325075d34e3c75ffc18d4a4a915a10_NeikiAnalytics
Size

231KB
Sample

240513-hf269adh24
MD5

a2325075d34e3c75ffc18d4a4a915a10
SHA1

270541bb31e454eeb831d25a59bb2a90b2c68c31
SHA256

fc4369c843bf6efd05e876384040fbf63386cd2f8620a511493bc20dc3d78f05
SHA512

ba74988a1cff9e4f2817cb3bd3ba7e5fab84ce0a3f0bee75f633d423551b625489bfb05ba892d2c6d810f9071cb0e054e468aa1673410633b4721719c48efd32
SSDEEP

3072:e9unI06quCipFeLOlWBGCI+b2PFk9UDNajI85RwoQ6/6li6WcgsgS1h50TGF:ef0ofeLAtaUGIe7R/v6WD50h2Tq

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  a2325075d34e3c75ffc18d4a4a915a10_NeikiAnalytics
- Size
  
  231KB
- MD5
  
  a2325075d34e3c75ffc18d4a4a915a10
- SHA1
  
  270541bb31e454eeb831d25a59bb2a90b2c68c31
- SHA256
  
  fc4369c843bf6efd05e876384040fbf63386cd2f8620a511493bc20dc3d78f05
- SHA512
  
  ba74988a1cff9e4f2817cb3bd3ba7e5fab84ce0a3f0bee75f633d423551b625489bfb05ba892d2c6d810f9071cb0e054e468aa1673410633b4721719c48efd32
- SSDEEP
  
  3072:e9unI06quCipFeLOlWBGCI+b2PFk9UDNajI85RwoQ6/6li6WcgsgS1h50TGF:ef0ofeLAtaUGIe7R/v6WD50h2Tq
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoortrojan