smokeloader | 7d5961b64d45bd62968eca15f2811c7aa1df243dcc57e5aafdf4de2f4f47c9c3 | Triage

Sharing

General

Target

7d5961b64d45bd62968eca15f2811c7aa1df243dcc57e5aafdf4de2f4f47c9c3
Size

241KB
Sample

240527-s1h9zsab58
MD5

3ff8b168b8a7f04d48afb6972d7732a0
SHA1

7d912a7b220f440b32a6847c7fd2ed5897b56a5d
SHA256

7d5961b64d45bd62968eca15f2811c7aa1df243dcc57e5aafdf4de2f4f47c9c3
SHA512

7175e2e202ec82ec740c679285e5a6b1bd86c9c6717a6d0e112c122ed2a901027b57fda71d83438e00763a3374b01f9b48b24df23b894c0f8bc7dd78dd7ea169
SSDEEP

1536:IM8WdGb6f+kqO2UbXhk0LkQ2a8MOFP7kkW3o7QdQpRTc3kSrjo6Z8oXrNh5ry/IY:tJQ9/0Mnl7kxo3Lw0nobD5ryu95Luj/

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  7d5961b64d45bd62968eca15f2811c7aa1df243dcc57e5aafdf4de2f4f47c9c3
- Size
  
  241KB
- MD5
  
  3ff8b168b8a7f04d48afb6972d7732a0
- SHA1
  
  7d912a7b220f440b32a6847c7fd2ed5897b56a5d
- SHA256
  
  7d5961b64d45bd62968eca15f2811c7aa1df243dcc57e5aafdf4de2f4f47c9c3
- SHA512
  
  7175e2e202ec82ec740c679285e5a6b1bd86c9c6717a6d0e112c122ed2a901027b57fda71d83438e00763a3374b01f9b48b24df23b894c0f8bc7dd78dd7ea169
- SSDEEP
  
  1536:IM8WdGb6f+kqO2UbXhk0LkQ2a8MOFP7kkW3o7QdQpRTc3kSrjo6Z8oXrNh5ry/IY:tJQ9/0Mnl7kxo3Lw0nobD5ryu95Luj/
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan