smokeloader | 12d5c7135c8536fdfa3bbe0dbd012187a49d96ab91cf0cbebd8d15c19638f8d7 | Triage

Resubmissions

10/07/2024, 08:57

240710-kwvs8aybrp 10

10/07/2024, 07:01

240710-htl27avhpf 10

Sharing

Copy URL Twitter E-mail

General

Target

12d5c7135c8536fdfa3bbe0dbd012187a49d96ab91cf0cbebd8d15c19638f8d7
Size

314KB
Sample

240710-kwvs8aybrp
MD5

a3dfb8d17fccff00dc067a251a751ad0
SHA1

4ef99db632fab658acddd56884a1761ab96d7b1b
SHA256

12d5c7135c8536fdfa3bbe0dbd012187a49d96ab91cf0cbebd8d15c19638f8d7
SHA512

c13a8f4c21d5e9bde4618c1510b1d1443258d28df5d2a7d0df6d57283a92c39e4a178db1a4170b2f4e93c62eb0e19f2efa804b94ce06f697d5e329b0d141320d
SSDEEP

3072:Aa30MOjV1gIoNJS3CpNDU9zyZY8cf7ni66Umwp8JdM:tE/3bCTUhyZonD6UJp8TM

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  12d5c7135c8536fdfa3bbe0dbd012187a49d96ab91cf0cbebd8d15c19638f8d7
- Size
  
  314KB
- MD5
  
  a3dfb8d17fccff00dc067a251a751ad0
- SHA1
  
  4ef99db632fab658acddd56884a1761ab96d7b1b
- SHA256
  
  12d5c7135c8536fdfa3bbe0dbd012187a49d96ab91cf0cbebd8d15c19638f8d7
- SHA512
  
  c13a8f4c21d5e9bde4618c1510b1d1443258d28df5d2a7d0df6d57283a92c39e4a178db1a4170b2f4e93c62eb0e19f2efa804b94ce06f697d5e329b0d141320d
- SSDEEP
  
  3072:Aa30MOjV1gIoNJS3CpNDU9zyZY8cf7ni66Umwp8JdM:tE/3bCTUhyZonD6UJp8TM
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan