smokeloader | 04f4cf2c922257c19f851c4db54a0d8d3533656afaadca73c072f5f7356d3a96 | Triage

Sharing

General

Target

04f4cf2c922257c19f851c4db54a0d8d3533656afaadca73c072f5f7356d3a96
Size

310KB
Sample

240528-hze6tsad8s
MD5

bd16fbd0b7ac1b57d95a555cfe978407
SHA1

828fdf61432eb5bcc8d41a7e0dce6d123a51f439
SHA256

04f4cf2c922257c19f851c4db54a0d8d3533656afaadca73c072f5f7356d3a96
SHA512

34d15e968aa21a0a27876177f6731354361f7d328e7d3f7a8418ebdbc0f3b80115fb0db157f4b208b81325cfd9a83e019e5b3e4bbb50247577faee01ebb6330c
SSDEEP

6144:KuL3KBWvmKm9BHNxwSMDC8+gtP04/raobG7LTlcM:Ku7DvmKm9Bjt8Dt8Mai6VcM

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  04f4cf2c922257c19f851c4db54a0d8d3533656afaadca73c072f5f7356d3a96
- Size
  
  310KB
- MD5
  
  bd16fbd0b7ac1b57d95a555cfe978407
- SHA1
  
  828fdf61432eb5bcc8d41a7e0dce6d123a51f439
- SHA256
  
  04f4cf2c922257c19f851c4db54a0d8d3533656afaadca73c072f5f7356d3a96
- SHA512
  
  34d15e968aa21a0a27876177f6731354361f7d328e7d3f7a8418ebdbc0f3b80115fb0db157f4b208b81325cfd9a83e019e5b3e4bbb50247577faee01ebb6330c
- SSDEEP
  
  6144:KuL3KBWvmKm9BHNxwSMDC8+gtP04/raobG7LTlcM:Ku7DvmKm9Bjt8Dt8Mai6VcM
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoortrojan