smokeloader | 5304570fc1321533cbe580ae22834fcd891569cfbcc8b6b75b889183903e63e3 | Triage

Sharing

General

Target

5304570fc1321533cbe580ae22834fcd891569cfbcc8b6b75b889183903e63e3
Size

224KB
Sample

240520-yjhvsafb5y
MD5

041bb04450507ca1efcd52637145858e
SHA1

93cc9720b3a2ecbf8f0c0172e625b25b87aa0d0e
SHA256

5304570fc1321533cbe580ae22834fcd891569cfbcc8b6b75b889183903e63e3
SHA512

ffdc1d4f1225940e94624d71658c9167482dbd26b13fc32faac3d135d286b3cc6accec4e0e0baaea08e12588674e0b922e326db1d66b5a5f1b94bdc7a2410eaf
SSDEEP

3072:B29W7DBd8H8aW0bJVwN+vZ/ToT7kULwTaNSifq/cCwP28Ys84FCw3Q39yymEWjLl:BBhd1aPgNJozTz4lP2684Bg39yHT3Y

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  5304570fc1321533cbe580ae22834fcd891569cfbcc8b6b75b889183903e63e3
- Size
  
  224KB
- MD5
  
  041bb04450507ca1efcd52637145858e
- SHA1
  
  93cc9720b3a2ecbf8f0c0172e625b25b87aa0d0e
- SHA256
  
  5304570fc1321533cbe580ae22834fcd891569cfbcc8b6b75b889183903e63e3
- SHA512
  
  ffdc1d4f1225940e94624d71658c9167482dbd26b13fc32faac3d135d286b3cc6accec4e0e0baaea08e12588674e0b922e326db1d66b5a5f1b94bdc7a2410eaf
- SSDEEP
  
  3072:B29W7DBd8H8aW0bJVwN+vZ/ToT7kULwTaNSifq/cCwP28Ys84FCw3Q39yymEWjLl:BBhd1aPgNJozTz4lP2684Bg39yHT3Y
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan