smokeloader | bfb942560f04af6182a3f761bcca82a2baf908baa9ad08cc32d0c2dc64c48bde | Triage

Sharing

General

Target

1d2eb16a19024d792edd45a21be020dc.bin
Size

108KB
Sample

240704-bdbsyswanl
MD5

cc807c91ce579678ec3a5ffeac9132dc
SHA1

33fadb538be82d3154dda2b0d03b8c3669059d46
SHA256

bfb942560f04af6182a3f761bcca82a2baf908baa9ad08cc32d0c2dc64c48bde
SHA512

6735a727138c085f928e847494167bb87c77ae0949d3a25814d84ef2c9a1ee4e5e51bc4e78b9820a942597871c2db380dcd23055d26b023c2a7ec9ade5bca592
SSDEEP

3072:E+be9VCrOB1T7zxwyv22X+dojWC1sS8oyZwzA4:TfaB1T75hjWER8oj

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  ea3ee2e3e5558a8267f3f5093144debf3263b5d3dea1598fa59ef7bde043c2b9.exe
- Size
  
  171KB
- MD5
  
  1d2eb16a19024d792edd45a21be020dc
- SHA1
  
  349dc233972770618fdfbb9c8b577725a07ac3e6
- SHA256
  
  ea3ee2e3e5558a8267f3f5093144debf3263b5d3dea1598fa59ef7bde043c2b9
- SHA512
  
  2a9fe5dbe8138f9100f35571827726cd937dd7add3a6386757db7f49302e9695be05dea1dbc8d150c32c5233d22dd55f8de74e5f5c6abe5f941953c246e77a6e
- SSDEEP
  
  3072:+15PL3R0U3l6pw3gXXgb3du+FqQT52dQMDXO1KuU3:k5PL3R0UVNeXgb3du+FlUay7
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan