smokeloader | 86517d5e7b09995ea77fcb76fda669530e537477b2f28774d3d71b29ea67f9ed | Triage

Sharing

General

Target

86517d5e7b09995ea77fcb76fda669530e537477b2f28774d3d71b29ea67f9ed
Size

230KB
Sample

240518-abxf7sab29
MD5

9ddf4782a8f83d481dd06043596a4f04
SHA1

13d00c03faf0667519f617c5c6473b12739587a6
SHA256

86517d5e7b09995ea77fcb76fda669530e537477b2f28774d3d71b29ea67f9ed
SHA512

f329c34350d2b41d6d67ed23f7a7cebfb87d8658ad88594f7cafc0553364de3f7808fca3df6afbd47cdc5c412a64a00f99e45214ef1ae86804360cb832ea6e35
SSDEEP

3072:yTZW6jW63hcylXdfsJW++5eagbXs72CxgVBSK3QeRF5pSMoNz3CsJd3UzRPT3Bbe:A6MlkWaLMeFgEoNDCs4zRPT3/

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  86517d5e7b09995ea77fcb76fda669530e537477b2f28774d3d71b29ea67f9ed
- Size
  
  230KB
- MD5
  
  9ddf4782a8f83d481dd06043596a4f04
- SHA1
  
  13d00c03faf0667519f617c5c6473b12739587a6
- SHA256
  
  86517d5e7b09995ea77fcb76fda669530e537477b2f28774d3d71b29ea67f9ed
- SHA512
  
  f329c34350d2b41d6d67ed23f7a7cebfb87d8658ad88594f7cafc0553364de3f7808fca3df6afbd47cdc5c412a64a00f99e45214ef1ae86804360cb832ea6e35
- SSDEEP
  
  3072:yTZW6jW63hcylXdfsJW++5eagbXs72CxgVBSK3QeRF5pSMoNz3CsJd3UzRPT3Bbe:A6MlkWaLMeFgEoNDCs4zRPT3/
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan