smokeloader | df4ea15df740f004d61af4328b44049ed136a85f13cde7721f70267079e62863 | Triage

Sharing

General

Target

df4ea15df740f004d61af4328b44049ed136a85f13cde7721f70267079e62863
Size

257KB
Sample

240527-yadvgafd3y
MD5

32685b36f7414ff7a3434cc6735d0a62
SHA1

6c2fb6e5c985623123873f873c2dfeaf62eb61b5
SHA256

df4ea15df740f004d61af4328b44049ed136a85f13cde7721f70267079e62863
SHA512

2c37c3b0a47193ca257e57467258a4a34c0f98c5520f47ba4872e49c5e5fa457fb31ef6f5387fc995fdd4f038605392fcf4898b58a6235e1380f20542c2ac5a2
SSDEEP

3072:QYUTY3pQTrdPdSxHN1U86WEa80n5O/qj9LuU/:QYZapiHfX6WEa34/+LT/

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  df4ea15df740f004d61af4328b44049ed136a85f13cde7721f70267079e62863
- Size
  
  257KB
- MD5
  
  32685b36f7414ff7a3434cc6735d0a62
- SHA1
  
  6c2fb6e5c985623123873f873c2dfeaf62eb61b5
- SHA256
  
  df4ea15df740f004d61af4328b44049ed136a85f13cde7721f70267079e62863
- SHA512
  
  2c37c3b0a47193ca257e57467258a4a34c0f98c5520f47ba4872e49c5e5fa457fb31ef6f5387fc995fdd4f038605392fcf4898b58a6235e1380f20542c2ac5a2
- SSDEEP
  
  3072:QYUTY3pQTrdPdSxHN1U86WEa80n5O/qj9LuU/:QYZapiHfX6WEa34/+LT/
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan