smokeloader | 2102b53c9ab13b733c87f741cdcad68d1752583cef954619f0b83c08b32ff670 | Triage

Sharing

General

Target

2102b53c9ab13b733c87f741cdcad68d1752583cef954619f0b83c08b32ff670
Size

231KB
Sample

240514-p2tkkafh6s
MD5

e0e37ddc8e4e1c6bdd9676bba8a33468
SHA1

268d8e48aa8d159647d462af12e3b56301cac854
SHA256

2102b53c9ab13b733c87f741cdcad68d1752583cef954619f0b83c08b32ff670
SHA512

5ef1be8e0302552badd3b51fce0ec126fa24bf9f076d192db3eda7c885e873caf3092220e448b4b582ab1a230050119608c659751aaf23a37524cb0bcfc418be
SSDEEP

3072:YTiT6FZA6Lvu76+ldcjW+wmxhmeILo3OuQFtPGQJvbTnFVVD3pH+UQ:qH1ScjWQ4do3t2PGQJvvnV9H+U

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2102b53c9ab13b733c87f741cdcad68d1752583cef954619f0b83c08b32ff670
- Size
  
  231KB
- MD5
  
  e0e37ddc8e4e1c6bdd9676bba8a33468
- SHA1
  
  268d8e48aa8d159647d462af12e3b56301cac854
- SHA256
  
  2102b53c9ab13b733c87f741cdcad68d1752583cef954619f0b83c08b32ff670
- SHA512
  
  5ef1be8e0302552badd3b51fce0ec126fa24bf9f076d192db3eda7c885e873caf3092220e448b4b582ab1a230050119608c659751aaf23a37524cb0bcfc418be
- SSDEEP
  
  3072:YTiT6FZA6Lvu76+ldcjW+wmxhmeILo3OuQFtPGQJvbTnFVVD3pH+UQ:qH1ScjWQ4do3t2PGQJvvnV9H+U
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan