smokeloader | 27ead7ba5ed1bec1e362e5d468b9a3326de5427f5bf537f79cdb4766f7ec068d | Triage

Sharing

General

Target

27ead7ba5ed1bec1e362e5d468b9a3326de5427f5bf537f79cdb4766f7ec068d
Size

221KB
Sample

240516-s7y9sacb34
MD5

4625fc201190913c571c1011cab48343
SHA1

c4a9f151d98667a7ae9c11dff235b7a050b03820
SHA256

27ead7ba5ed1bec1e362e5d468b9a3326de5427f5bf537f79cdb4766f7ec068d
SHA512

b9cb0da34bfcec2b87539c2f7cc40f1ee47babee00ee25250a0e45343925d48d6b2c54da2c930ac332803e38ef002c85d67722f5ece4dc50dce6e6bb465477f2
SSDEEP

3072:LZRBUgBkCV3gWLS+dFq6OcseIojbgudYIxpCRMnJ3/kkJdclhzenG5Vewt5CF:LiDpPfoj9YIqRMpJSlhan3w

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  27ead7ba5ed1bec1e362e5d468b9a3326de5427f5bf537f79cdb4766f7ec068d
- Size
  
  221KB
- MD5
  
  4625fc201190913c571c1011cab48343
- SHA1
  
  c4a9f151d98667a7ae9c11dff235b7a050b03820
- SHA256
  
  27ead7ba5ed1bec1e362e5d468b9a3326de5427f5bf537f79cdb4766f7ec068d
- SHA512
  
  b9cb0da34bfcec2b87539c2f7cc40f1ee47babee00ee25250a0e45343925d48d6b2c54da2c930ac332803e38ef002c85d67722f5ece4dc50dce6e6bb465477f2
- SSDEEP
  
  3072:LZRBUgBkCV3gWLS+dFq6OcseIojbgudYIxpCRMnJ3/kkJdclhzenG5Vewt5CF:LiDpPfoj9YIqRMpJSlhan3w
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan