smokeloader | f7db26d0f5da976986ee8e1aef9ee20e233241d27ead450131405afab3d56b45 | Triage

Sharing

General

Target

f7db26d0f5da976986ee8e1aef9ee20e233241d27ead450131405afab3d56b45
Size

178KB
Sample

240519-f534qsce88
MD5

2ebf785c75272415e41e499ec257b6f1
SHA1

4085dca6206233173afcf978173b7b76a4acbef0
SHA256

f7db26d0f5da976986ee8e1aef9ee20e233241d27ead450131405afab3d56b45
SHA512

059575c06a2bfc8202f57c9807c9b9397756686ca1bb371d62b46d33bd66cd76aa95dfd55ff8afd32829fc96ad93290d3bd0ebd2433489a36fb6287982e1315d
SSDEEP

3072:16WynXweVeTKMKsaZjnFRfNzCIe54irc2ref5qd:VyX38mLBZnFRy7Y26I

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  f7db26d0f5da976986ee8e1aef9ee20e233241d27ead450131405afab3d56b45
- Size
  
  178KB
- MD5
  
  2ebf785c75272415e41e499ec257b6f1
- SHA1
  
  4085dca6206233173afcf978173b7b76a4acbef0
- SHA256
  
  f7db26d0f5da976986ee8e1aef9ee20e233241d27ead450131405afab3d56b45
- SHA512
  
  059575c06a2bfc8202f57c9807c9b9397756686ca1bb371d62b46d33bd66cd76aa95dfd55ff8afd32829fc96ad93290d3bd0ebd2433489a36fb6287982e1315d
- SSDEEP
  
  3072:16WynXweVeTKMKsaZjnFRfNzCIe54irc2ref5qd:VyX38mLBZnFRy7Y26I
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan