smokeloader | b4bfdfb61a3ea4cc57e65b8810c972872881763a613923364e4e572a07054a72 | Triage

Sharing

General

Target

b4bfdfb61a3ea4cc57e65b8810c972872881763a613923364e4e572a07054a72
Size

257KB
Sample

240527-3c47nadh2x
MD5

008d0dd6970cf588d5538aa84ca98238
SHA1

f56386b9af372047a12f9b0a5fbb0497ac65b2d9
SHA256

b4bfdfb61a3ea4cc57e65b8810c972872881763a613923364e4e572a07054a72
SHA512

a15ae3ceaa6651b5b6c19d501e3b936063ca9efc03edeba646a8cea60bfdd295b57c09853f7db4d210fabdfca9541299f1d1978fd8b888aa0ce10f965625f72a
SSDEEP

3072:eYUTYLpQTrvEs//o14GGhmVn5OwKhLuUe:eY5a4so1bGhmV4wKhLTe

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  b4bfdfb61a3ea4cc57e65b8810c972872881763a613923364e4e572a07054a72
- Size
  
  257KB
- MD5
  
  008d0dd6970cf588d5538aa84ca98238
- SHA1
  
  f56386b9af372047a12f9b0a5fbb0497ac65b2d9
- SHA256
  
  b4bfdfb61a3ea4cc57e65b8810c972872881763a613923364e4e572a07054a72
- SHA512
  
  a15ae3ceaa6651b5b6c19d501e3b936063ca9efc03edeba646a8cea60bfdd295b57c09853f7db4d210fabdfca9541299f1d1978fd8b888aa0ce10f965625f72a
- SSDEEP
  
  3072:eYUTYLpQTrvEs//o14GGhmVn5OwKhLuUe:eY5a4so1bGhmV4wKhLTe
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan