smokeloader | f6fdefc706e46c2162b28b3c4c968ce49aea5ccac02ad41aa48adc30fe2fa77d | Triage

Sharing

General

Target

f6fdefc706e46c2162b28b3c4c968ce49aea5ccac02ad41aa48adc30fe2fa77d
Size

234KB
Sample

240526-hg5c1abb93
MD5

70c5475699dcc65d50a7539fb91b8217
SHA1

c36af073dd4aafb8e9f471df24c4a9b7d78bfa80
SHA256

f6fdefc706e46c2162b28b3c4c968ce49aea5ccac02ad41aa48adc30fe2fa77d
SHA512

78ad5b917df999ab76054f06ff936a42de2c2eb6cc7d19e8e473b109a5102439aae0fbebcf9214b04485b90bef5c5dea0dec41d4135e7c19459d99a8be717766
SSDEEP

3072:05yhGOBTlC2GNy+WlKfz434B3sxLe4k0PRs+8yi4Pcxd0cGnHT8:/DTl9/Q4xvk05s+8CPcxdfGnHT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  f6fdefc706e46c2162b28b3c4c968ce49aea5ccac02ad41aa48adc30fe2fa77d
- Size
  
  234KB
- MD5
  
  70c5475699dcc65d50a7539fb91b8217
- SHA1
  
  c36af073dd4aafb8e9f471df24c4a9b7d78bfa80
- SHA256
  
  f6fdefc706e46c2162b28b3c4c968ce49aea5ccac02ad41aa48adc30fe2fa77d
- SHA512
  
  78ad5b917df999ab76054f06ff936a42de2c2eb6cc7d19e8e473b109a5102439aae0fbebcf9214b04485b90bef5c5dea0dec41d4135e7c19459d99a8be717766
- SSDEEP
  
  3072:05yhGOBTlC2GNy+WlKfz434B3sxLe4k0PRs+8yi4Pcxd0cGnHT8:/DTl9/Q4xvk05s+8CPcxdfGnHT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan