smokeloader | 271af1935d375377b09fcdf9645c482cacb258f4c0a3da8c971b3bf00d018bb3 | Triage

Sharing

General

Target

271af1935d375377b09fcdf9645c482cacb258f4c0a3da8c971b3bf00d018bb3
Size

181KB
Sample

240521-xwylbsfe4t
MD5

4a27ba654b519c2d045dbc20d5dc8a47
SHA1

beb49df05b81bcd0c981dda4b655363110f71d7c
SHA256

271af1935d375377b09fcdf9645c482cacb258f4c0a3da8c971b3bf00d018bb3
SHA512

01cd78a47fe23091b1ebbaaeaf0c0fe5149cbc6d0320bb0a3f3483610f7ce699b44a322575fef553ceadc4143d57e8977f7d26daa2a42e38e0851d0bd79cff29
SSDEEP

3072:2hbc6RL+FcjvyllDwVivB/lyRu5cA9QFq83zcJQIurRWm/4:25jj6jwVOtqA9QFq83zcJQIurRWm

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  271af1935d375377b09fcdf9645c482cacb258f4c0a3da8c971b3bf00d018bb3
- Size
  
  181KB
- MD5
  
  4a27ba654b519c2d045dbc20d5dc8a47
- SHA1
  
  beb49df05b81bcd0c981dda4b655363110f71d7c
- SHA256
  
  271af1935d375377b09fcdf9645c482cacb258f4c0a3da8c971b3bf00d018bb3
- SHA512
  
  01cd78a47fe23091b1ebbaaeaf0c0fe5149cbc6d0320bb0a3f3483610f7ce699b44a322575fef553ceadc4143d57e8977f7d26daa2a42e38e0851d0bd79cff29
- SSDEEP
  
  3072:2hbc6RL+FcjvyllDwVivB/lyRu5cA9QFq83zcJQIurRWm/4:25jj6jwVOtqA9QFq83zcJQIurRWm
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan