smokeloader | 5869616304164866310b30fe134df503ac048772644e84fb7ca741d25f877bc5 | Triage

Sharing

General

Target

5869616304164866310b30fe134df503ac048772644e84fb7ca741d25f877bc5.exe
Size

180KB
Sample

240522-x2fmpsdd7t
MD5

0eebd247bcfcfc1aa168d84a17e82900
SHA1

55015d540bc608911d1a27387e4e3887b5484178
SHA256

5869616304164866310b30fe134df503ac048772644e84fb7ca741d25f877bc5
SHA512

a5bc41f80a7e0b3d5f7508bc8ebf9a5d114cd32fd3d5bd912b7d17cfa69236bb6de11ca68fd01f53261c51ffb29ae71577bc8c746fd5420c681de2e0bde17019
SSDEEP

3072:2HKc6un+kbGlJ+KfiNA7+ekurlDCieY5:2+W+JfiC7DkGpRe

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  5869616304164866310b30fe134df503ac048772644e84fb7ca741d25f877bc5.exe
- Size
  
  180KB
- MD5
  
  0eebd247bcfcfc1aa168d84a17e82900
- SHA1
  
  55015d540bc608911d1a27387e4e3887b5484178
- SHA256
  
  5869616304164866310b30fe134df503ac048772644e84fb7ca741d25f877bc5
- SHA512
  
  a5bc41f80a7e0b3d5f7508bc8ebf9a5d114cd32fd3d5bd912b7d17cfa69236bb6de11ca68fd01f53261c51ffb29ae71577bc8c746fd5420c681de2e0bde17019
- SSDEEP
  
  3072:2HKc6un+kbGlJ+KfiNA7+ekurlDCieY5:2+W+JfiC7DkGpRe
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan