smokeloader | a277892b6a1bbd232216842cd1420584d3c130af3eed3f96b272c1a3096052e1 | Triage

Sharing

General

Target

a277892b6a1bbd232216842cd1420584d3c130af3eed3f96b272c1a3096052e1
Size

234KB
Sample

240525-zpaa9saa7z
MD5

31e0d44a174cf7baf1db71ed88368198
SHA1

0a97914378451a628fcb5b8a66a7ecfb380ad538
SHA256

a277892b6a1bbd232216842cd1420584d3c130af3eed3f96b272c1a3096052e1
SHA512

a5addbcde270d89cc9c33604c9822d4fa287339d97a5488f5bd2d388fdf7a2fdd28b68481e1bb101f8bd681a6f88cfbb3aba36252cce42c179e6d1e89414dab3
SSDEEP

6144:3aShjsfZ004MIYfqcdQtidhgc6U257T9T:37hj8y04MIYCWQtcr6

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  a277892b6a1bbd232216842cd1420584d3c130af3eed3f96b272c1a3096052e1
- Size
  
  234KB
- MD5
  
  31e0d44a174cf7baf1db71ed88368198
- SHA1
  
  0a97914378451a628fcb5b8a66a7ecfb380ad538
- SHA256
  
  a277892b6a1bbd232216842cd1420584d3c130af3eed3f96b272c1a3096052e1
- SHA512
  
  a5addbcde270d89cc9c33604c9822d4fa287339d97a5488f5bd2d388fdf7a2fdd28b68481e1bb101f8bd681a6f88cfbb3aba36252cce42c179e6d1e89414dab3
- SSDEEP
  
  6144:3aShjsfZ004MIYfqcdQtidhgc6U257T9T:37hj8y04MIYCWQtcr6
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan