smokeloader | da105eb3f048fa1b375771bee7c486ebcdec2328610f21b7311918c4b7bb43d3 | Triage

Sharing

General

Target

da105eb3f048fa1b375771bee7c486ebcdec2328610f21b7311918c4b7bb43d3
Size

228KB
Sample

240516-sswkcaag9x
MD5

f77e1a55e53d8cd137b390aee9065caf
SHA1

a38105fb8bbec353b051c787b4980db538102fbe
SHA256

da105eb3f048fa1b375771bee7c486ebcdec2328610f21b7311918c4b7bb43d3
SHA512

90ae9050fdd3ee9774f64787dbd57f52fafbdb30d8efdd3bf212db1f3084d468b5585f4e15a7b8898d5c4cc0f1c9e0cca668e64b57eb1bf5747aaa6ca785624d
SSDEEP

3072:U/X4PHvHxK40XKv/0+R5e9KYbzEEEEEEEZUTFub4ms1veJb73NWsl3wnd6V0fcak:mnaH0D/EEEEEEEZUNpeJ33N1366OIw

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  da105eb3f048fa1b375771bee7c486ebcdec2328610f21b7311918c4b7bb43d3
- Size
  
  228KB
- MD5
  
  f77e1a55e53d8cd137b390aee9065caf
- SHA1
  
  a38105fb8bbec353b051c787b4980db538102fbe
- SHA256
  
  da105eb3f048fa1b375771bee7c486ebcdec2328610f21b7311918c4b7bb43d3
- SHA512
  
  90ae9050fdd3ee9774f64787dbd57f52fafbdb30d8efdd3bf212db1f3084d468b5585f4e15a7b8898d5c4cc0f1c9e0cca668e64b57eb1bf5747aaa6ca785624d
- SSDEEP
  
  3072:U/X4PHvHxK40XKv/0+R5e9KYbzEEEEEEEZUTFub4ms1veJb73NWsl3wnd6V0fcak:mnaH0D/EEEEEEEZUNpeJ33N1366OIw
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan