smokeloader | ef503cd7d7300d0ed66f202871445531109bfbee7d793f6d2655ad7a5a2bb327 | Triage

Sharing

General

Target

ef503cd7d7300d0ed66f202871445531109bfbee7d793f6d2655ad7a5a2bb327
Size

317KB
Sample

240528-ldxersea2s
MD5

09b417c13362092b530ca4a1a2f504c7
SHA1

17637b53dde6aaa208b06090b5822a90679926bf
SHA256

ef503cd7d7300d0ed66f202871445531109bfbee7d793f6d2655ad7a5a2bb327
SHA512

f17b8f36b17d9f488c547953f91898bde313987a64da741fc2322494e8c49e04789de17e2adcd7a22a4bf219e8aec6d7ceb29a5f6b35f34e37cfdccff451b776
SSDEEP

6144:JSiyJA+xUv29eUJ6Ewip0ZfhFcVs+mH7LTlcM4vd:JSnTxUv29eu6E7pefwKVcM41

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  ef503cd7d7300d0ed66f202871445531109bfbee7d793f6d2655ad7a5a2bb327
- Size
  
  317KB
- MD5
  
  09b417c13362092b530ca4a1a2f504c7
- SHA1
  
  17637b53dde6aaa208b06090b5822a90679926bf
- SHA256
  
  ef503cd7d7300d0ed66f202871445531109bfbee7d793f6d2655ad7a5a2bb327
- SHA512
  
  f17b8f36b17d9f488c547953f91898bde313987a64da741fc2322494e8c49e04789de17e2adcd7a22a4bf219e8aec6d7ceb29a5f6b35f34e37cfdccff451b776
- SSDEEP
  
  6144:JSiyJA+xUv29eUJ6Ewip0ZfhFcVs+mH7LTlcM4vd:JSnTxUv29eu6E7pefwKVcM41
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan