smokeloader | 30e149c9f8a520cbb67e52858b3cd2005429e2c96c35a37d850b1c1fbcec84de | Triage

Sharing

General

Target

30e149c9f8a520cbb67e52858b3cd2005429e2c96c35a37d850b1c1fbcec84de
Size

256KB
Sample

240527-3n5bssed2t
MD5

3b670bd7b53fa319b100eae57f0da968
SHA1

f96fb954e78226dfb211d71327120e105f32ad48
SHA256

30e149c9f8a520cbb67e52858b3cd2005429e2c96c35a37d850b1c1fbcec84de
SHA512

58da4ca8db00aff9d787de6f1bd5d031b5caa085a28edad0385f2437986a47da671fdbf01ca979791e0fe7b8be6782428b2c3174b3c56d93293bb7cfd2604281
SSDEEP

1536:hfOGmq0esW3zBby/zYLkr5vg2OZEtR0g9NWcb9Dd+QYSf+X70ZdCnDTOM6lXZ5uh:ZPD2LYo5vg2OOJnv+QY8+r6J5uQ0u/e

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  30e149c9f8a520cbb67e52858b3cd2005429e2c96c35a37d850b1c1fbcec84de
- Size
  
  256KB
- MD5
  
  3b670bd7b53fa319b100eae57f0da968
- SHA1
  
  f96fb954e78226dfb211d71327120e105f32ad48
- SHA256
  
  30e149c9f8a520cbb67e52858b3cd2005429e2c96c35a37d850b1c1fbcec84de
- SHA512
  
  58da4ca8db00aff9d787de6f1bd5d031b5caa085a28edad0385f2437986a47da671fdbf01ca979791e0fe7b8be6782428b2c3174b3c56d93293bb7cfd2604281
- SSDEEP
  
  1536:hfOGmq0esW3zBby/zYLkr5vg2OZEtR0g9NWcb9Dd+QYSf+X70ZdCnDTOM6lXZ5uh:ZPD2LYo5vg2OOJnv+QY8+r6J5uQ0u/e
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan