smokeloader | f6c3e323f616313d3095f66f39e06576c0a220cea9a49a22e75bc98923473ca3 | Triage

Sharing

General

Target

f6c3e323f616313d3095f66f39e06576c0a220cea9a49a22e75bc98923473ca3
Size

261KB
Sample

240530-b5gtaaaa4z
MD5

86124e9c0b2391b835a8f175ffa2eaab
SHA1

9d25dbad8bfc580a70d3f8627d7e713218fcd3e5
SHA256

f6c3e323f616313d3095f66f39e06576c0a220cea9a49a22e75bc98923473ca3
SHA512

76beca8dd213e227a6147a28220596393fee7ef8e64c2e94949edf78f1230a5aae997e4c66da951738ddcfe408f0be51e47906ffa67326f44021de708c8f0e7c
SSDEEP

3072:pLVYSFdt06Q5FffKsIXdpyMUra53dNumh:pBYSFdt0RqsIzyMUrsDumh

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  f6c3e323f616313d3095f66f39e06576c0a220cea9a49a22e75bc98923473ca3
- Size
  
  261KB
- MD5
  
  86124e9c0b2391b835a8f175ffa2eaab
- SHA1
  
  9d25dbad8bfc580a70d3f8627d7e713218fcd3e5
- SHA256
  
  f6c3e323f616313d3095f66f39e06576c0a220cea9a49a22e75bc98923473ca3
- SHA512
  
  76beca8dd213e227a6147a28220596393fee7ef8e64c2e94949edf78f1230a5aae997e4c66da951738ddcfe408f0be51e47906ffa67326f44021de708c8f0e7c
- SSDEEP
  
  3072:pLVYSFdt06Q5FffKsIXdpyMUra53dNumh:pBYSFdt0RqsIzyMUrsDumh
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan