smokeloader | 3675dc1eb66e11fea74d1b395e43efe91bff0ffae26e32ce865cea629b4668e7 | Triage

Sharing

General

Target

3675dc1eb66e11fea74d1b395e43efe91bff0ffae26e32ce865cea629b4668e7
Size

170KB
Sample

240519-bx3e1sbd5s
MD5

bdb36cbb13987db21da3c53182ae0f77
SHA1

0e8eb63b477a12d27526948eb785f4d5d795ac29
SHA256

3675dc1eb66e11fea74d1b395e43efe91bff0ffae26e32ce865cea629b4668e7
SHA512

119408d0c3bc98fab25ccffabf1b08b12064ed9d6532ba5b3cbaa5fead83b295e8623a97dbf7178f3c170b74d5a2958adddab484454ddc041584552d3b717b05
SSDEEP

1536:iDriAzZTzbjzOPQPNZ1JOCkdoSs+4MpNKFyjE732KP8rf5VGieLWi5sBdFrtg:t4PNJOZlpNmyAmD5AieLP

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  3675dc1eb66e11fea74d1b395e43efe91bff0ffae26e32ce865cea629b4668e7
- Size
  
  170KB
- MD5
  
  bdb36cbb13987db21da3c53182ae0f77
- SHA1
  
  0e8eb63b477a12d27526948eb785f4d5d795ac29
- SHA256
  
  3675dc1eb66e11fea74d1b395e43efe91bff0ffae26e32ce865cea629b4668e7
- SHA512
  
  119408d0c3bc98fab25ccffabf1b08b12064ed9d6532ba5b3cbaa5fead83b295e8623a97dbf7178f3c170b74d5a2958adddab484454ddc041584552d3b717b05
- SSDEEP
  
  1536:iDriAzZTzbjzOPQPNZ1JOCkdoSs+4MpNKFyjE732KP8rf5VGieLWi5sBdFrtg:t4PNJOZlpNmyAmD5AieLP
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan