smokeloader | ff5d04a87f7a83963ac6003894e2b193df2b2ed9bcc51fcfcfb16719a0b758e2 | Triage

Sharing

General

Target

ff5d04a87f7a83963ac6003894e2b193df2b2ed9bcc51fcfcfb16719a0b758e2
Size

210KB
Sample

240521-swnznsae5x
MD5

03851169972c57b6cb06afd3173d9364
SHA1

164dd969cb5da022c581a5f3afd965c19b04a302
SHA256

ff5d04a87f7a83963ac6003894e2b193df2b2ed9bcc51fcfcfb16719a0b758e2
SHA512

87e2ec6cdca29bf031c91a602bfd642439f119564e1a159c823b628d1aa6fcb3b5c41b4988af67cd97434c2af7b8cf352ffd923305c100951c7a031411546ab7
SSDEEP

1536:r8o37NbC7g8u1LyoZPYCHTsxppU1ZaMF1KQ5uWvhiLFNYd5PttCt0o5GvXS2eh2w:Vdz8xsgLwZIQ5Dvhe+f3Ut5e

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  ff5d04a87f7a83963ac6003894e2b193df2b2ed9bcc51fcfcfb16719a0b758e2
- Size
  
  210KB
- MD5
  
  03851169972c57b6cb06afd3173d9364
- SHA1
  
  164dd969cb5da022c581a5f3afd965c19b04a302
- SHA256
  
  ff5d04a87f7a83963ac6003894e2b193df2b2ed9bcc51fcfcfb16719a0b758e2
- SHA512
  
  87e2ec6cdca29bf031c91a602bfd642439f119564e1a159c823b628d1aa6fcb3b5c41b4988af67cd97434c2af7b8cf352ffd923305c100951c7a031411546ab7
- SSDEEP
  
  1536:r8o37NbC7g8u1LyoZPYCHTsxppU1ZaMF1KQ5uWvhiLFNYd5PttCt0o5GvXS2eh2w:Vdz8xsgLwZIQ5Dvhe+f3Ut5e
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan