smokeloader | 37dcd59e709f2d167ec3100ce588962990af8824e136f59d75e49795f7c73d83 | Triage

Sharing

General

Target

37dcd59e709f2d167ec3100ce588962990af8824e136f59d75e49795f7c73d83
Size

231KB
Sample

240514-g8ar2adf81
MD5

a0a40b1c2d5791222c7d1603c0758f07
SHA1

3db09249caf57bb9ee3bf20c37e9131dec49a459
SHA256

37dcd59e709f2d167ec3100ce588962990af8824e136f59d75e49795f7c73d83
SHA512

36e222e5958a3b6a2fdbf00711133218ef2e2916e2e1e8c264b17464f4dc699088d41260f1c1cfb705a850dafb003c32493b3c2f156b5c7e81de5c644a74290e
SSDEEP

3072:WU6FeBsHn44px0vOSx0W+tmhfnL3ijkJusiABUXbw7zzFMRvx7i7GZ4:IkmlcF0WzL3ija3CXbmzFcpG7GZ

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  37dcd59e709f2d167ec3100ce588962990af8824e136f59d75e49795f7c73d83
- Size
  
  231KB
- MD5
  
  a0a40b1c2d5791222c7d1603c0758f07
- SHA1
  
  3db09249caf57bb9ee3bf20c37e9131dec49a459
- SHA256
  
  37dcd59e709f2d167ec3100ce588962990af8824e136f59d75e49795f7c73d83
- SHA512
  
  36e222e5958a3b6a2fdbf00711133218ef2e2916e2e1e8c264b17464f4dc699088d41260f1c1cfb705a850dafb003c32493b3c2f156b5c7e81de5c644a74290e
- SSDEEP
  
  3072:WU6FeBsHn44px0vOSx0W+tmhfnL3ijkJusiABUXbw7zzFMRvx7i7GZ4:IkmlcF0WzL3ija3CXbmzFcpG7GZ
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan