smokeloader | 9f0237df3b14e310cc7a2347b2b852d3af93f81b81c6f8bed1dc522a8d24d50c | Triage

Sharing

General

Target

9f0237df3b14e310cc7a2347b2b852d3af93f81b81c6f8bed1dc522a8d24d50c
Size

212KB
Sample

240710-lvrwls1blk
MD5

293460728c83e7be2fccc67283815c03
SHA1

717854c6d8bd7e0528244eb3535fdcef9df786e1
SHA256

9f0237df3b14e310cc7a2347b2b852d3af93f81b81c6f8bed1dc522a8d24d50c
SHA512

456d028c8a03784e5a4da09eb0af3e464481576c1ec183f16e4df6d2538c84d71f2ced519d152216f3d82f71e8f094e7b09868eb55f198818f4df9c73a76ea29
SSDEEP

3072:pupGHxcfc19fyqVsEK3YoX+hmj8ZFcxPVjKNIWJgXfcTizyGUmwp8J2I:KGHxcEuqu33ePCduaWJgbyGUJp8wI

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  9f0237df3b14e310cc7a2347b2b852d3af93f81b81c6f8bed1dc522a8d24d50c
- Size
  
  212KB
- MD5
  
  293460728c83e7be2fccc67283815c03
- SHA1
  
  717854c6d8bd7e0528244eb3535fdcef9df786e1
- SHA256
  
  9f0237df3b14e310cc7a2347b2b852d3af93f81b81c6f8bed1dc522a8d24d50c
- SHA512
  
  456d028c8a03784e5a4da09eb0af3e464481576c1ec183f16e4df6d2538c84d71f2ced519d152216f3d82f71e8f094e7b09868eb55f198818f4df9c73a76ea29
- SSDEEP
  
  3072:pupGHxcfc19fyqVsEK3YoX+hmj8ZFcxPVjKNIWJgXfcTizyGUmwp8J2I:KGHxcEuqu33ePCduaWJgbyGUJp8wI
Score

10^/10

smokeloader pub3 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoortrojan