smokeloader | 32118ff63acf10fa7100491a9403eb20aae672ec31005b217c02dae3b6417f01 | Triage

Sharing

General

Target

32118ff63acf10fa7100491a9403eb20aae672ec31005b217c02dae3b6417f01
Size

259KB
Sample

240526-tmpqaacb9z
MD5

e7d21b03ec4a4b2dd306071290a2e474
SHA1

addd20d4049e52d7a23bb5f060757d8cc960e333
SHA256

32118ff63acf10fa7100491a9403eb20aae672ec31005b217c02dae3b6417f01
SHA512

83df16d355725e43826a3a0cfffc98737f5d6847e1d0890acfc6b4467f74e4507f7564500e81bfd6b32eca1774020c42c2f98f9b9c733e5cae044102660d447c
SSDEEP

3072:15cxnR7FPUy8Di+++vs2jOiN3E9dwxB59sU8EjOjllqjEnt7fJzdxLb6xTx7:0xnP8yYO7u3QwT59sZlZFnt7fZ7LWT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  32118ff63acf10fa7100491a9403eb20aae672ec31005b217c02dae3b6417f01
- Size
  
  259KB
- MD5
  
  e7d21b03ec4a4b2dd306071290a2e474
- SHA1
  
  addd20d4049e52d7a23bb5f060757d8cc960e333
- SHA256
  
  32118ff63acf10fa7100491a9403eb20aae672ec31005b217c02dae3b6417f01
- SHA512
  
  83df16d355725e43826a3a0cfffc98737f5d6847e1d0890acfc6b4467f74e4507f7564500e81bfd6b32eca1774020c42c2f98f9b9c733e5cae044102660d447c
- SSDEEP
  
  3072:15cxnR7FPUy8Di+++vs2jOiN3E9dwxB59sU8EjOjllqjEnt7fJzdxLb6xTx7:0xnP8yYO7u3QwT59sZlZFnt7fZ7LWT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan