smokeloader | 59b562be727536aa9d8498466a0d817c5f09950c5963c953d5c7de1412ec8be8 | Triage

Sharing

General

Target

59b562be727536aa9d8498466a0d817c5f09950c5963c953d5c7de1412ec8be8
Size

315KB
Sample

240528-qblygaee3v
MD5

46eff2a991aa2b6007ad3c9e31d36b3e
SHA1

2dd6bb8682be000071b0ad9d9b136d2e9f6ac198
SHA256

59b562be727536aa9d8498466a0d817c5f09950c5963c953d5c7de1412ec8be8
SHA512

851f870ae67e1454742dad18bddafea89f3cc3839e5086797a22276f959308683fbc674f898951a30fc720a91c7cba98cd1e402e5a7c2a935cfd0ffc0fd6d2fa
SSDEEP

6144:s6qtCFXBMUWWWBNovtO1UbIdXFYxd3i08H+BZTb+el:s6qtCF+UWW22t6FYxF98eZx

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  59b562be727536aa9d8498466a0d817c5f09950c5963c953d5c7de1412ec8be8
- Size
  
  315KB
- MD5
  
  46eff2a991aa2b6007ad3c9e31d36b3e
- SHA1
  
  2dd6bb8682be000071b0ad9d9b136d2e9f6ac198
- SHA256
  
  59b562be727536aa9d8498466a0d817c5f09950c5963c953d5c7de1412ec8be8
- SHA512
  
  851f870ae67e1454742dad18bddafea89f3cc3839e5086797a22276f959308683fbc674f898951a30fc720a91c7cba98cd1e402e5a7c2a935cfd0ffc0fd6d2fa
- SSDEEP
  
  6144:s6qtCFXBMUWWWBNovtO1UbIdXFYxd3i08H+BZTb+el:s6qtCF+UWW22t6FYxF98eZx
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoortrojan