smokeloader | 31437ed4b0dd7df39991f1cfe52f72c043fc588d482aa55b111b633fe33bed51 | Triage

Sharing

General

Target

31437ed4b0dd7df39991f1cfe52f72c043fc588d482aa55b111b633fe33bed51
Size

214KB
Sample

240517-lwxhgsce5s
MD5

07e688dd949daa10831d41f87cf88e75
SHA1

461e8e81a34262e6fc5d9663528294fabc97f5ab
SHA256

31437ed4b0dd7df39991f1cfe52f72c043fc588d482aa55b111b633fe33bed51
SHA512

f8ef831ab4864deb86ad581478b69634eff4b83bda04099a26662ed18a368a79ba98b6f2234f84f6178318cb376c9d8f948b1dfcaa3735e4d2b542b1b9232147
SSDEEP

3072:jcdHEHcOsGHe68OHqZmRLjz3B45Y2bOXi/Rx:ZH7HSm13R2bOo

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  31437ed4b0dd7df39991f1cfe52f72c043fc588d482aa55b111b633fe33bed51
- Size
  
  214KB
- MD5
  
  07e688dd949daa10831d41f87cf88e75
- SHA1
  
  461e8e81a34262e6fc5d9663528294fabc97f5ab
- SHA256
  
  31437ed4b0dd7df39991f1cfe52f72c043fc588d482aa55b111b633fe33bed51
- SHA512
  
  f8ef831ab4864deb86ad581478b69634eff4b83bda04099a26662ed18a368a79ba98b6f2234f84f6178318cb376c9d8f948b1dfcaa3735e4d2b542b1b9232147
- SSDEEP
  
  3072:jcdHEHcOsGHe68OHqZmRLjz3B45Y2bOXi/Rx:ZH7HSm13R2bOo
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan