smokeloader | 8f89419bd1b8f265e23c81f012e529094084b3791385b403c87753c680190d7f | Triage

Sharing

General

Target

8f89419bd1b8f265e23c81f012e529094084b3791385b403c87753c680190d7f
Size

229KB
Sample

240516-skw6xaaf37
MD5

988845793ebd58e09afb588b82f24082
SHA1

838908721a0f4dd93d024004bd7e55755a2b5080
SHA256

8f89419bd1b8f265e23c81f012e529094084b3791385b403c87753c680190d7f
SHA512

0dbb8524963c8b17c431639425cfeb56ae347d4d84c4460b31ca5a0afc4d31d8a3bffaf493f09e9a437973f81465134debdac34bb0bd7d23556ccbbf6d1b8f68
SSDEEP

3072:yuCuXasEoEMsFt71FJ+9/5eUQbH/E/8uQjcFDinf4nlPTHao8lxzQoBOCpwPQDF:5DMdDJT7E8pelB6oh6Dpw

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8f89419bd1b8f265e23c81f012e529094084b3791385b403c87753c680190d7f
- Size
  
  229KB
- MD5
  
  988845793ebd58e09afb588b82f24082
- SHA1
  
  838908721a0f4dd93d024004bd7e55755a2b5080
- SHA256
  
  8f89419bd1b8f265e23c81f012e529094084b3791385b403c87753c680190d7f
- SHA512
  
  0dbb8524963c8b17c431639425cfeb56ae347d4d84c4460b31ca5a0afc4d31d8a3bffaf493f09e9a437973f81465134debdac34bb0bd7d23556ccbbf6d1b8f68
- SSDEEP
  
  3072:yuCuXasEoEMsFt71FJ+9/5eUQbH/E/8uQjcFDinf4nlPTHao8lxzQoBOCpwPQDF:5DMdDJT7E8pelB6oh6Dpw
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan