smokeloader | 64317fe60db4540ccefabfc349f804ff0814732dc469a41f1275e91927de4d7b | Triage

Sharing

General

Target

64317fe60db4540ccefabfc349f804ff0814732dc469a41f1275e91927de4d7b
Size

214KB
Sample

240517-h8m8ssff59
MD5

10392d333924f838578bac2aa55863da
SHA1

e4300ae0179d01ce894688dc985994996fb82a92
SHA256

64317fe60db4540ccefabfc349f804ff0814732dc469a41f1275e91927de4d7b
SHA512

419bf338faa808a183a474c7efb0306a89a0d98a66f5530959ba4fbbcff2c22257769a03e77e87409db69ec676db34ac3172ec9bbc24b81623a23c057980f3c7
SSDEEP

3072:ndV9FqtlPxYXwBurWhjeEx4sah5w8Xi/Rr:nEPlXhKEisGo

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  64317fe60db4540ccefabfc349f804ff0814732dc469a41f1275e91927de4d7b
- Size
  
  214KB
- MD5
  
  10392d333924f838578bac2aa55863da
- SHA1
  
  e4300ae0179d01ce894688dc985994996fb82a92
- SHA256
  
  64317fe60db4540ccefabfc349f804ff0814732dc469a41f1275e91927de4d7b
- SHA512
  
  419bf338faa808a183a474c7efb0306a89a0d98a66f5530959ba4fbbcff2c22257769a03e77e87409db69ec676db34ac3172ec9bbc24b81623a23c057980f3c7
- SSDEEP
  
  3072:ndV9FqtlPxYXwBurWhjeEx4sah5w8Xi/Rr:nEPlXhKEisGo
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan