smokeloader | f734ec790014804116568f1c128e2442d4c7649ee8955b307774a9ec3cf44bb9 | Triage

Sharing

General

Target

f734ec790014804116568f1c128e2442d4c7649ee8955b307774a9ec3cf44bb9
Size

186KB
Sample

240519-nc7v8afc8w
MD5

3cad92b0bfde8700294bbc1cc38a5f86
SHA1

6f4f2ac82e7ac19d6c1828744cae0bfb01f8f97e
SHA256

f734ec790014804116568f1c128e2442d4c7649ee8955b307774a9ec3cf44bb9
SHA512

3183df9a8ae5e9acbca8f8126a326c269d57d5fdb86c7073e60bfeb7a45285934af59d913f93102cd6152acc9c4d1fc050868036b6f41e82cb9ac13fa3d05556
SSDEEP

1536:1aZ77z6PWBkjAAujNP1qpFNWM3XZJoOaN08WwkOQMnN2HWVobz/fZeC5264jGEjC:kOdNpFcOaNLV9n4HkK/f0C5264MK

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  f734ec790014804116568f1c128e2442d4c7649ee8955b307774a9ec3cf44bb9
- Size
  
  186KB
- MD5
  
  3cad92b0bfde8700294bbc1cc38a5f86
- SHA1
  
  6f4f2ac82e7ac19d6c1828744cae0bfb01f8f97e
- SHA256
  
  f734ec790014804116568f1c128e2442d4c7649ee8955b307774a9ec3cf44bb9
- SHA512
  
  3183df9a8ae5e9acbca8f8126a326c269d57d5fdb86c7073e60bfeb7a45285934af59d913f93102cd6152acc9c4d1fc050868036b6f41e82cb9ac13fa3d05556
- SSDEEP
  
  1536:1aZ77z6PWBkjAAujNP1qpFNWM3XZJoOaN08WwkOQMnN2HWVobz/fZeC5264jGEjC:kOdNpFcOaNLV9n4HkK/f0C5264MK
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan