smokeloader | 99ca854a87b708ab32b6e660302828267d490b43fac47283a3ecc475b93ef679 | Triage

Sharing

General

Target

99ca854a87b708ab32b6e660302828267d490b43fac47283a3ecc475b93ef679
Size

213KB
Sample

240517-fe8ljahh9x
MD5

aa4164aa83e511f0f52f538877182bd8
SHA1

08bf860052da356d13788fe5ae4293d31db01772
SHA256

99ca854a87b708ab32b6e660302828267d490b43fac47283a3ecc475b93ef679
SHA512

7a6fd1d34b071c1a0314c0b0100d4209ab158d1070dd092ef61e403585699149b9db177f9d021cab615bf84852788f1f17e41243a817bdd798dbceaf60263410
SSDEEP

3072:O69kqtwXaQ96B8s+FmENMtPSYL8U4Nww05Vt+UXi/Re:2XiOFmENUKYLt4wsUo

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  99ca854a87b708ab32b6e660302828267d490b43fac47283a3ecc475b93ef679
- Size
  
  213KB
- MD5
  
  aa4164aa83e511f0f52f538877182bd8
- SHA1
  
  08bf860052da356d13788fe5ae4293d31db01772
- SHA256
  
  99ca854a87b708ab32b6e660302828267d490b43fac47283a3ecc475b93ef679
- SHA512
  
  7a6fd1d34b071c1a0314c0b0100d4209ab158d1070dd092ef61e403585699149b9db177f9d021cab615bf84852788f1f17e41243a817bdd798dbceaf60263410
- SSDEEP
  
  3072:O69kqtwXaQ96B8s+FmENMtPSYL8U4Nww05Vt+UXi/Re:2XiOFmENUKYLt4wsUo
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan