smokeloader | ae6b8abecd884d6d2a6f3879f2deed20e5ba43d2d2c100b7aa9d884b8933e0fa | Triage

Sharing

General

Target

ae6b8abecd884d6d2a6f3879f2deed20e5ba43d2d2c100b7aa9d884b8933e0fa
Size

223KB
Sample

240520-3ba77abd5v
MD5

c124bb4285fc52d47348d7aac1565663
SHA1

a6be6a133146469aef52d1120e7883a2fa14c13f
SHA256

ae6b8abecd884d6d2a6f3879f2deed20e5ba43d2d2c100b7aa9d884b8933e0fa
SHA512

c40f05d281bb30965afda6ccf657e746e71ebd23b9c644e1df32531fcfff7d6142d31ef647fe49357da501db00c7bc251c261b90cb812bae1b5d25947e36d6bd
SSDEEP

3072:zJijjAq0c/ntyKO7fN+HZ/TAvCJ9NFVQi/i1zaYe+K8kKwLmTAKh1aiRmEWjLYS:zuc3P7bNVmVQiqAYDK1L6AKh1ai8T3Y

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  ae6b8abecd884d6d2a6f3879f2deed20e5ba43d2d2c100b7aa9d884b8933e0fa
- Size
  
  223KB
- MD5
  
  c124bb4285fc52d47348d7aac1565663
- SHA1
  
  a6be6a133146469aef52d1120e7883a2fa14c13f
- SHA256
  
  ae6b8abecd884d6d2a6f3879f2deed20e5ba43d2d2c100b7aa9d884b8933e0fa
- SHA512
  
  c40f05d281bb30965afda6ccf657e746e71ebd23b9c644e1df32531fcfff7d6142d31ef647fe49357da501db00c7bc251c261b90cb812bae1b5d25947e36d6bd
- SSDEEP
  
  3072:zJijjAq0c/ntyKO7fN+HZ/TAvCJ9NFVQi/i1zaYe+K8kKwLmTAKh1aiRmEWjLYS:zuc3P7bNVmVQiqAYDK1L6AKh1ai8T3Y
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan