smokeloader | 7473f2598d24fddea1ba4a24caa185ca395ab0d2c653bc209c3dbdd94dbbd03a | Triage

Sharing

General

Target

7473f2598d24fddea1ba4a24caa185ca395ab0d2c653bc209c3dbdd94dbbd03a
Size

225KB
Sample

240514-yb29fscg5z
MD5

d0b517734e96ebc40126eaa58a2471fa
SHA1

4c425d3e91fc4b4be9fcd41bc57afeb97ef4b8a3
SHA256

7473f2598d24fddea1ba4a24caa185ca395ab0d2c653bc209c3dbdd94dbbd03a
SHA512

e2d32237aa19827e90ed64fdbfd5d02870fdb1a25ced021fd4866ea3bf1151e27888766ee1297c64125058baf05f3908be9f16b588fd4a5c718114b91c773608
SSDEEP

3072:MBPRBgNahq4hjvHfjC/+cBP1J3ii56p6RLW6Ns9LSVshVRDE14Q:Ggsz7G/cigp6RLBskshPj

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  7473f2598d24fddea1ba4a24caa185ca395ab0d2c653bc209c3dbdd94dbbd03a
- Size
  
  225KB
- MD5
  
  d0b517734e96ebc40126eaa58a2471fa
- SHA1
  
  4c425d3e91fc4b4be9fcd41bc57afeb97ef4b8a3
- SHA256
  
  7473f2598d24fddea1ba4a24caa185ca395ab0d2c653bc209c3dbdd94dbbd03a
- SHA512
  
  e2d32237aa19827e90ed64fdbfd5d02870fdb1a25ced021fd4866ea3bf1151e27888766ee1297c64125058baf05f3908be9f16b588fd4a5c718114b91c773608
- SSDEEP
  
  3072:MBPRBgNahq4hjvHfjC/+cBP1J3ii56p6RLW6Ns9LSVshVRDE14Q:Ggsz7G/cigp6RLBskshPj
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan