smokeloader | 8c4179e2e89db2886cb0bfb460775f3c8f3a582d08d9e75d99d70fef892efceb | Triage

Sharing

General

Target

8c4179e2e89db2886cb0bfb460775f3c8f3a582d08d9e75d99d70fef892efceb
Size

311KB
Sample

240528-femdasfa4y
MD5

adeb30f26bb93eee06a01249b02e286e
SHA1

34260a7dd44ef6d790fce8d5d92dc524bf9200fa
SHA256

8c4179e2e89db2886cb0bfb460775f3c8f3a582d08d9e75d99d70fef892efceb
SHA512

e58f6e8509e61641973f1c671a70205cd0ab1359d8518c0c7e55134b251dbf6973171e3b3083614e8bd4394bfe7edd937b75a67395449159ab9e69a94a69074d
SSDEEP

6144:AGTWFh7rKvB7/BKt/y3PSyU4x47LTlcM:A5F5KvBlKt/kSyDCVcM

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8c4179e2e89db2886cb0bfb460775f3c8f3a582d08d9e75d99d70fef892efceb
- Size
  
  311KB
- MD5
  
  adeb30f26bb93eee06a01249b02e286e
- SHA1
  
  34260a7dd44ef6d790fce8d5d92dc524bf9200fa
- SHA256
  
  8c4179e2e89db2886cb0bfb460775f3c8f3a582d08d9e75d99d70fef892efceb
- SHA512
  
  e58f6e8509e61641973f1c671a70205cd0ab1359d8518c0c7e55134b251dbf6973171e3b3083614e8bd4394bfe7edd937b75a67395449159ab9e69a94a69074d
- SSDEEP
  
  6144:AGTWFh7rKvB7/BKt/y3PSyU4x47LTlcM:A5F5KvBlKt/kSyDCVcM
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan