smokeloader | dfb24443852647217f54bc9078e59394e1c81109c9c57678b5aa535b4133a372 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfb24443852647217f54bc9078e59394e1c81109c9c57678b5aa535b4133a372.exe
Size

165KB
Sample

240709-crm9kstdrf
MD5

cef7011863f8da109aba1eced3ba4c0b
SHA1

2ab4c693d50dfc7688f2389dc148ffed1d4ab3d9
SHA256

dfb24443852647217f54bc9078e59394e1c81109c9c57678b5aa535b4133a372
SHA512

69b9a250bad9db0b630aecd58257cb0c266e2f44a45d857da33ebbf98f71d517f3a3070909c9927b2bc89d52cd3ed23498f738a822fb8ce545595d79e6f4b634
SSDEEP

3072:spLoIIcQNyWtmIfDdoJ33i5WxdoxYs1y3m2PE9w:QLoTZN+IfDdoFxdoxYsiP

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  dfb24443852647217f54bc9078e59394e1c81109c9c57678b5aa535b4133a372.exe
- Size
  
  165KB
- MD5
  
  cef7011863f8da109aba1eced3ba4c0b
- SHA1
  
  2ab4c693d50dfc7688f2389dc148ffed1d4ab3d9
- SHA256
  
  dfb24443852647217f54bc9078e59394e1c81109c9c57678b5aa535b4133a372
- SHA512
  
  69b9a250bad9db0b630aecd58257cb0c266e2f44a45d857da33ebbf98f71d517f3a3070909c9927b2bc89d52cd3ed23498f738a822fb8ce545595d79e6f4b634
- SSDEEP
  
  3072:spLoIIcQNyWtmIfDdoJ33i5WxdoxYs1y3m2PE9w:QLoTZN+IfDdoFxdoxYsiP
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan