smokeloader | a05ba24c06200a71272a30f5e2d91b017d810cb91787ddefa73917c3c74bea23 | Triage

Sharing

General

Target

a05ba24c06200a71272a30f5e2d91b017d810cb91787ddefa73917c3c74bea23
Size

233KB
Sample

240526-m6e7magg89
MD5

172f983807439978fc99f21c84902b38
SHA1

34b57281a3824c3505b0ef19c77b969d248a881d
SHA256

a05ba24c06200a71272a30f5e2d91b017d810cb91787ddefa73917c3c74bea23
SHA512

c04b2a385e9bf453c2c9ae4ef1b9ce4ce66b456eb8c7578f16f1daddc414afbae4ccf3cdd500e63b62ad722d06fa9a61e6e272a053c71187c03b19384ac706df
SSDEEP

3072:R5eesQvkvxT7qrWqzi+orEM1m/jGGLJVHIY/n4ootOEYzJehwTJ:S/xf8PziajL0OEYzJKwT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  a05ba24c06200a71272a30f5e2d91b017d810cb91787ddefa73917c3c74bea23
- Size
  
  233KB
- MD5
  
  172f983807439978fc99f21c84902b38
- SHA1
  
  34b57281a3824c3505b0ef19c77b969d248a881d
- SHA256
  
  a05ba24c06200a71272a30f5e2d91b017d810cb91787ddefa73917c3c74bea23
- SHA512
  
  c04b2a385e9bf453c2c9ae4ef1b9ce4ce66b456eb8c7578f16f1daddc414afbae4ccf3cdd500e63b62ad722d06fa9a61e6e272a053c71187c03b19384ac706df
- SSDEEP
  
  3072:R5eesQvkvxT7qrWqzi+orEM1m/jGGLJVHIY/n4ootOEYzJehwTJ:S/xf8PziajL0OEYzJKwT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan