smokeloader | 876ec57a6de326532920c5f9cf8d37cc31955fd12489481a4d8a4abdf9994b68 | Triage

Sharing

General

Target

876ec57a6de326532920c5f9cf8d37cc31955fd12489481a4d8a4abdf9994b68
Size

316KB
Sample

240528-phdp1ach91
MD5

a0bb5fb7dc300ebd12849f2e2ea4594f
SHA1

ad3342f44d1c2702a9fcf892093f980c88c88c55
SHA256

876ec57a6de326532920c5f9cf8d37cc31955fd12489481a4d8a4abdf9994b68
SHA512

ab73ae22323f26cd534f50fe4bb18cf180d6445d1dd8fd8ff8de7b61ec0a894e9a19c109d5802b43d8cdab1742e4753b9517d8c6fa8ccba80b192a5910f9e174
SSDEEP

6144:mchwJ7Af4FcD83rTb4QJhw8K+yXhA50o3mZTb+el:mchMAf4+D83UQJhwj67mZx

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  876ec57a6de326532920c5f9cf8d37cc31955fd12489481a4d8a4abdf9994b68
- Size
  
  316KB
- MD5
  
  a0bb5fb7dc300ebd12849f2e2ea4594f
- SHA1
  
  ad3342f44d1c2702a9fcf892093f980c88c88c55
- SHA256
  
  876ec57a6de326532920c5f9cf8d37cc31955fd12489481a4d8a4abdf9994b68
- SHA512
  
  ab73ae22323f26cd534f50fe4bb18cf180d6445d1dd8fd8ff8de7b61ec0a894e9a19c109d5802b43d8cdab1742e4753b9517d8c6fa8ccba80b192a5910f9e174
- SSDEEP
  
  6144:mchwJ7Af4FcD83rTb4QJhw8K+yXhA50o3mZTb+el:mchMAf4+D83UQJhwj67mZx
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan