smokeloader | 8319ac8978ed747e7b39e3fe0210a7b49df634217a38fba56c0e65743d634622 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8319ac8978ed747e7b39e3fe0210a7b49df634217a38fba56c0e65743d634622.exe
Size

286KB
Sample

240712-wjbelawekg
MD5

7bbde0f63a5725741ddb28e694a2e646
SHA1

6f6622c53c8e72d9d3f48d43feb7baedf48961e5
SHA256

8319ac8978ed747e7b39e3fe0210a7b49df634217a38fba56c0e65743d634622
SHA512

30fb7778336e6371b4d7e6b3d2c57ea10c2a33ebae060a6368cefa9c32f954661900b10abe6e9b3a72db31944ac848d6db1670b9455c7c2a04a45fc087dc7ed0
SSDEEP

3072:V8+yQbyQLyYPLk9HSfkBHPEEdAxnqdEsSTl/oWTysKhTQWpOmrz+g:VoQblDk9yfkBvb4KxSJApBQhg

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8319ac8978ed747e7b39e3fe0210a7b49df634217a38fba56c0e65743d634622.exe
- Size
  
  286KB
- MD5
  
  7bbde0f63a5725741ddb28e694a2e646
- SHA1
  
  6f6622c53c8e72d9d3f48d43feb7baedf48961e5
- SHA256
  
  8319ac8978ed747e7b39e3fe0210a7b49df634217a38fba56c0e65743d634622
- SHA512
  
  30fb7778336e6371b4d7e6b3d2c57ea10c2a33ebae060a6368cefa9c32f954661900b10abe6e9b3a72db31944ac848d6db1670b9455c7c2a04a45fc087dc7ed0
- SSDEEP
  
  3072:V8+yQbyQLyYPLk9HSfkBHPEEdAxnqdEsSTl/oWTysKhTQWpOmrz+g:VoQblDk9yfkBvb4KxSJApBQhg
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan