smokeloader | 61aed1e7529ff1e38f0d19f41c97603ad424dff959938aee0a09084c56697071 | Triage

Sharing

General

Target

61aed1e7529ff1e38f0d19f41c97603ad424dff959938aee0a09084c56697071
Size

231KB
Sample

240514-jjsyesfe7y
MD5

f547ea6ded0e3c24356962169ea30d44
SHA1

f7a006f612fbe51e2ee837a9eea6711767601743
SHA256

61aed1e7529ff1e38f0d19f41c97603ad424dff959938aee0a09084c56697071
SHA512

61f01558151a293fa35b67057f796e0094751c43cd7fc54661172c09e1e8e12912af2c890a6863191e4219a79f20577243c2a79de9385defad6dffd4642025b1
SSDEEP

3072:YU6vPyZArvKM2SVQI5xQFW+BmmcANIf3gus7qHVrxUYvh6C27PuscL1UMhs:aSF+zUFWmQwus4NUYpifWJ

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  61aed1e7529ff1e38f0d19f41c97603ad424dff959938aee0a09084c56697071
- Size
  
  231KB
- MD5
  
  f547ea6ded0e3c24356962169ea30d44
- SHA1
  
  f7a006f612fbe51e2ee837a9eea6711767601743
- SHA256
  
  61aed1e7529ff1e38f0d19f41c97603ad424dff959938aee0a09084c56697071
- SHA512
  
  61f01558151a293fa35b67057f796e0094751c43cd7fc54661172c09e1e8e12912af2c890a6863191e4219a79f20577243c2a79de9385defad6dffd4642025b1
- SSDEEP
  
  3072:YU6vPyZArvKM2SVQI5xQFW+BmmcANIf3gus7qHVrxUYvh6C27PuscL1UMhs:aSF+zUFWmQwus4NUYpifWJ
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan