smokeloader | 5ec5c1eaf82e6e3a2ee0b62b4b8e2496f15db979b5c19d09fb6e2950fa6416b5 | Triage

Sharing

General

Target

5ec5c1eaf82e6e3a2ee0b62b4b8e2496f15db979b5c19d09fb6e2950fa6416b5
Size

310KB
Sample

240624-k7a8ysyank
MD5

fd59b2eb28ae85892a9a7ea3353568f7
SHA1

b925514b253acb3074b5ea4c4f13b10f4e56537b
SHA256

5ec5c1eaf82e6e3a2ee0b62b4b8e2496f15db979b5c19d09fb6e2950fa6416b5
SHA512

14c3411dfb20c34c5275382058ab1ee335dafcb467af37d09d191d2bee1ac4292ba628994d6d8f520c9b23f7c3c24452e10537e2ffe406b0775d7f3b375dc7a5
SSDEEP

3072:nEmDL96k2joaSXzlyigckcXA3ZkqK3zJS5P9CNkN3GP:nEsL4k2kRobt3ZK3zS9

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  5ec5c1eaf82e6e3a2ee0b62b4b8e2496f15db979b5c19d09fb6e2950fa6416b5
- Size
  
  310KB
- MD5
  
  fd59b2eb28ae85892a9a7ea3353568f7
- SHA1
  
  b925514b253acb3074b5ea4c4f13b10f4e56537b
- SHA256
  
  5ec5c1eaf82e6e3a2ee0b62b4b8e2496f15db979b5c19d09fb6e2950fa6416b5
- SHA512
  
  14c3411dfb20c34c5275382058ab1ee335dafcb467af37d09d191d2bee1ac4292ba628994d6d8f520c9b23f7c3c24452e10537e2ffe406b0775d7f3b375dc7a5
- SSDEEP
  
  3072:nEmDL96k2joaSXzlyigckcXA3ZkqK3zJS5P9CNkN3GP:nEsL4k2kRobt3ZK3zS9
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan