smokeloader | 31af53b4d9d35ea77a3f9090df3a1fe7a35e60c496576eb10a0a55e1d676525a | Triage

Sharing

General

Target

31af53b4d9d35ea77a3f9090df3a1fe7a35e60c496576eb10a0a55e1d676525a
Size

287KB
Sample

240527-chyc7acd8v
MD5

41822c53a7eeb4b35f94fbd7b507b115
SHA1

bc55c0f8f23956e68798a63dae753bfe7b4b869d
SHA256

31af53b4d9d35ea77a3f9090df3a1fe7a35e60c496576eb10a0a55e1d676525a
SHA512

838092ed722359c3a92519c72b97e77be29014b43fa21ba78ef45c7a16f85f294df93305214a99cd3f5d77322fc723a5fd5554dcda3ae8519297d91a5f5d5d10
SSDEEP

3072:t5VNl2Y1LW1iYK+LsJNmT5Of8ZKUeSDeztosLdi21v3rzdxLb6ik6l538JL:1Nl3hW1of0hIz+sx9n7LDl5M

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  31af53b4d9d35ea77a3f9090df3a1fe7a35e60c496576eb10a0a55e1d676525a
- Size
  
  287KB
- MD5
  
  41822c53a7eeb4b35f94fbd7b507b115
- SHA1
  
  bc55c0f8f23956e68798a63dae753bfe7b4b869d
- SHA256
  
  31af53b4d9d35ea77a3f9090df3a1fe7a35e60c496576eb10a0a55e1d676525a
- SHA512
  
  838092ed722359c3a92519c72b97e77be29014b43fa21ba78ef45c7a16f85f294df93305214a99cd3f5d77322fc723a5fd5554dcda3ae8519297d91a5f5d5d10
- SSDEEP
  
  3072:t5VNl2Y1LW1iYK+LsJNmT5Of8ZKUeSDeztosLdi21v3rzdxLb6ik6l538JL:1Nl3hW1of0hIz+sx9n7LDl5M
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoortrojan