smokeloader | 8118d445ad9302c7a3d18ae94211222fd793691ed033a3b3c939cb7ab4204ac0 | Triage

Sharing

General

Target

8118d445ad9302c7a3d18ae94211222fd793691ed033a3b3c939cb7ab4204ac0
Size

213KB
Sample

240517-k4msksah5z
MD5

b48a24dfcb012857c40ded0aa5b31a17
SHA1

a8e49f5e4bc8792d398ffb93bc77d3da5290d1fd
SHA256

8118d445ad9302c7a3d18ae94211222fd793691ed033a3b3c939cb7ab4204ac0
SHA512

92903cd5e638d2bebac1f43705126bd1ae595da97d6d36e32832080cab0641f73fd7dff7baf8fe4f34e1d6e2dd54a420f330d0c04274f8040a403d9358f3e39c
SSDEEP

3072:DTAK3CCRlZbR4Sy0ZFbNwjs0UYHvpO57vXi/Rr:/3FTlry0HijTUseo

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8118d445ad9302c7a3d18ae94211222fd793691ed033a3b3c939cb7ab4204ac0
- Size
  
  213KB
- MD5
  
  b48a24dfcb012857c40ded0aa5b31a17
- SHA1
  
  a8e49f5e4bc8792d398ffb93bc77d3da5290d1fd
- SHA256
  
  8118d445ad9302c7a3d18ae94211222fd793691ed033a3b3c939cb7ab4204ac0
- SHA512
  
  92903cd5e638d2bebac1f43705126bd1ae595da97d6d36e32832080cab0641f73fd7dff7baf8fe4f34e1d6e2dd54a420f330d0c04274f8040a403d9358f3e39c
- SSDEEP
  
  3072:DTAK3CCRlZbR4Sy0ZFbNwjs0UYHvpO57vXi/Rr:/3FTlry0HijTUseo
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan