smokeloader | 99fca35435dc4543fa71e937f75b8113005fa768e649219d83ac6c8da796d29f | Triage

Sharing

General

Target

99fca35435dc4543fa71e937f75b8113005fa768e649219d83ac6c8da796d29f
Size

221KB
Sample

240516-yb4ghsch7z
MD5

b7481ed8b86e5fec088b6258b78ba106
SHA1

80dadef93ee84733264a0810f062ff4eab0e07a9
SHA256

99fca35435dc4543fa71e937f75b8113005fa768e649219d83ac6c8da796d29f
SHA512

191327b9b0bd45f5f8782e01a4e2e3fecfd89d6429e38b9e9fc6aa932e3dcfca2c76e8c1f98d8291f48fc01c1c621dcc3d66b36feb70908a637c9291a2987e05
SSDEEP

3072:Y/Phd/IpQ8GMpoV+ov7K/QGY1HjoCWj7YT6zL+wSM3nCVPd/diNqrLA23K0fddwa:Y/hVVTrrDo/j8ez6w6V7DnAsK0fddw

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  99fca35435dc4543fa71e937f75b8113005fa768e649219d83ac6c8da796d29f
- Size
  
  221KB
- MD5
  
  b7481ed8b86e5fec088b6258b78ba106
- SHA1
  
  80dadef93ee84733264a0810f062ff4eab0e07a9
- SHA256
  
  99fca35435dc4543fa71e937f75b8113005fa768e649219d83ac6c8da796d29f
- SHA512
  
  191327b9b0bd45f5f8782e01a4e2e3fecfd89d6429e38b9e9fc6aa932e3dcfca2c76e8c1f98d8291f48fc01c1c621dcc3d66b36feb70908a637c9291a2987e05
- SSDEEP
  
  3072:Y/Phd/IpQ8GMpoV+ov7K/QGY1HjoCWj7YT6zL+wSM3nCVPd/diNqrLA23K0fddwa:Y/hVVTrrDo/j8ez6w6V7DnAsK0fddw
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan