smokeloader | 4a4d08f86c3a9ca83fe3bb6e3525e23585b08577a8ad4c6519d12a651d05c9e5 | Triage

Sharing

General

Target

4a4d08f86c3a9ca83fe3bb6e3525e23585b08577a8ad4c6519d12a651d05c9e5
Size

224KB
Sample

240514-tcjraadg29
MD5

be767e08bb0bbc5b09054535fb5d304f
SHA1

115bcd15f5b39f10eb8de7af7c6a58ba5348e2f4
SHA256

4a4d08f86c3a9ca83fe3bb6e3525e23585b08577a8ad4c6519d12a651d05c9e5
SHA512

dfb643aa19f938e966dbd4e165b196d87d2f8bdea399564dd013355a8020461b3c6165e10a843355ed5d09d1e4bfde396644e6227c2e33b220d3c74b55501f2d
SSDEEP

3072:o0oOq8Z9xnnXymaLhr+9BtZOXSOaPjPcY2jm1ZYBsG7g2RM5HyV6:c675Aru3OwIv0ZYqUdW5HW

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  4a4d08f86c3a9ca83fe3bb6e3525e23585b08577a8ad4c6519d12a651d05c9e5
- Size
  
  224KB
- MD5
  
  be767e08bb0bbc5b09054535fb5d304f
- SHA1
  
  115bcd15f5b39f10eb8de7af7c6a58ba5348e2f4
- SHA256
  
  4a4d08f86c3a9ca83fe3bb6e3525e23585b08577a8ad4c6519d12a651d05c9e5
- SHA512
  
  dfb643aa19f938e966dbd4e165b196d87d2f8bdea399564dd013355a8020461b3c6165e10a843355ed5d09d1e4bfde396644e6227c2e33b220d3c74b55501f2d
- SSDEEP
  
  3072:o0oOq8Z9xnnXymaLhr+9BtZOXSOaPjPcY2jm1ZYBsG7g2RM5HyV6:c675Aru3OwIv0ZYqUdW5HW
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan