smokeloader | 47b422ffc5f514e6a6c353c7a8c2dbac418b376a16ae5959edde3dcf8d48d6c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47b422ffc5f514e6a6c353c7a8c2dbac418b376a16ae5959edde3dcf8d48d6c9
Size

260KB
Sample

240526-1zhwtsee85
MD5

efdf33fdadb58c109e3811a2db514904
SHA1

df9e5d884f0e5582337646041be08b9a031a94b4
SHA256

47b422ffc5f514e6a6c353c7a8c2dbac418b376a16ae5959edde3dcf8d48d6c9
SHA512

66ccb96280f01972104093637be02805aca3c4c0286d372a0d4f96ecb0cea82b2dfce7e30f2369013e02a4c947ab17ebf2cad538e16639230f9735e0da880ca8
SSDEEP

6144:6xp2H/g13CbsHpN5hWFiG1EG0c8Mj9Sg7LWT:k2I1SbaE/x9SQa

Score

10^/10

smokeloader pub4 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  47b422ffc5f514e6a6c353c7a8c2dbac418b376a16ae5959edde3dcf8d48d6c9
- Size
  
  260KB
- MD5
  
  efdf33fdadb58c109e3811a2db514904
- SHA1
  
  df9e5d884f0e5582337646041be08b9a031a94b4
- SHA256
  
  47b422ffc5f514e6a6c353c7a8c2dbac418b376a16ae5959edde3dcf8d48d6c9
- SHA512
  
  66ccb96280f01972104093637be02805aca3c4c0286d372a0d4f96ecb0cea82b2dfce7e30f2369013e02a4c947ab17ebf2cad538e16639230f9735e0da880ca8
- SSDEEP
  
  6144:6xp2H/g13CbsHpN5hWFiG1EG0c8Mj9Sg7LWT:k2I1SbaE/x9SQa
Score

10^/10

smokeloader pub4 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoortrojan