smokeloader | 906c789b8e6257a610c394aaf00418dc5c77cbde2c53cc080fdc45fb0b8d5147 | Triage

Sharing

General

Target

906c789b8e6257a610c394aaf00418dc5c77cbde2c53cc080fdc45fb0b8d5147
Size

262KB
Sample

240529-s82rasbf67
MD5

08c5ed62a9f70d92e2aa9c5784c98d2b
SHA1

21861685a275d8aa9aac3002d8be87ea2ca437fe
SHA256

906c789b8e6257a610c394aaf00418dc5c77cbde2c53cc080fdc45fb0b8d5147
SHA512

fe60707f90845c7456e68b7e3dedc284951cfaab7a39368415b2fded1d98cb662eb78b143c04da63b4fedefa875050f5380f0be12e7d46fe02d596e8d352a978
SSDEEP

1536:R9Js4zOyRr4FmUvBtlCWsnWOKJ//l0dR989Sqp4J4lUYHwf5WicloDKlX+w01lNf:PJ5afJ2WfJ//Kz93N4jk5WSNumh

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  906c789b8e6257a610c394aaf00418dc5c77cbde2c53cc080fdc45fb0b8d5147
- Size
  
  262KB
- MD5
  
  08c5ed62a9f70d92e2aa9c5784c98d2b
- SHA1
  
  21861685a275d8aa9aac3002d8be87ea2ca437fe
- SHA256
  
  906c789b8e6257a610c394aaf00418dc5c77cbde2c53cc080fdc45fb0b8d5147
- SHA512
  
  fe60707f90845c7456e68b7e3dedc284951cfaab7a39368415b2fded1d98cb662eb78b143c04da63b4fedefa875050f5380f0be12e7d46fe02d596e8d352a978
- SSDEEP
  
  1536:R9Js4zOyRr4FmUvBtlCWsnWOKJ//l0dR989Sqp4J4lUYHwf5WicloDKlX+w01lNf:PJ5afJ2WfJ//Kz93N4jk5WSNumh
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan