smokeloader | 843ad82984513d049fcbf1258c0a2cf71fd519ad98a272e54ea95d42422a24bb | Triage

Sharing

General

Target

843ad82984513d049fcbf1258c0a2cf71fd519ad98a272e54ea95d42422a24bb.exe
Size

213KB
Sample

240518-lb35jadd21
MD5

29c2d7eec8802f3967aafcd0d16628b1
SHA1

efe099762635d1d6284afb88225029bf89adec5d
SHA256

843ad82984513d049fcbf1258c0a2cf71fd519ad98a272e54ea95d42422a24bb
SHA512

755316646a0fcf8fef69832e33e8c611eb02e9e88e6416f7a19c499acab82f9a0e15d49fa92de70aaa5085f05a591e33456f8df61af5534cdb43c3f652e1502a
SSDEEP

3072:XG6IE/WIaxT8XyWiTmZTb05a+f4IOCX9:N/0oXyWiTQh+fN

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  843ad82984513d049fcbf1258c0a2cf71fd519ad98a272e54ea95d42422a24bb.exe
- Size
  
  213KB
- MD5
  
  29c2d7eec8802f3967aafcd0d16628b1
- SHA1
  
  efe099762635d1d6284afb88225029bf89adec5d
- SHA256
  
  843ad82984513d049fcbf1258c0a2cf71fd519ad98a272e54ea95d42422a24bb
- SHA512
  
  755316646a0fcf8fef69832e33e8c611eb02e9e88e6416f7a19c499acab82f9a0e15d49fa92de70aaa5085f05a591e33456f8df61af5534cdb43c3f652e1502a
- SSDEEP
  
  3072:XG6IE/WIaxT8XyWiTmZTb05a+f4IOCX9:N/0oXyWiTQh+fN
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan