smokeloader | 3fc734fd5a3eb797b212689c0cb49e4958944b5c125a7526609b1049a5b8682d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b06a25906520de72c31810f77c751900N.exe
Size

287KB
Sample

240715-kcvn4szeqd
MD5

b06a25906520de72c31810f77c751900
SHA1

d58edef1e58659d3e5bbcd09645f33a8058d4d33
SHA256

3fc734fd5a3eb797b212689c0cb49e4958944b5c125a7526609b1049a5b8682d
SHA512

32178ab67ab9f0f772c5c19e6014f3a8a196ff047520d826438d9d9c07077b86f6daf0a0d71ca77312ca0ead467414044ef40e5e378d804ecdc6f0dcfdf24092
SSDEEP

3072:KbG1HtOWq7MGS6QyrzdSOySVtaNfYI38PWD79T+m0:KatOwGS6pzTCNteWDpim

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  b06a25906520de72c31810f77c751900N.exe
- Size
  
  287KB
- MD5
  
  b06a25906520de72c31810f77c751900
- SHA1
  
  d58edef1e58659d3e5bbcd09645f33a8058d4d33
- SHA256
  
  3fc734fd5a3eb797b212689c0cb49e4958944b5c125a7526609b1049a5b8682d
- SHA512
  
  32178ab67ab9f0f772c5c19e6014f3a8a196ff047520d826438d9d9c07077b86f6daf0a0d71ca77312ca0ead467414044ef40e5e378d804ecdc6f0dcfdf24092
- SSDEEP
  
  3072:KbG1HtOWq7MGS6QyrzdSOySVtaNfYI38PWD79T+m0:KatOwGS6pzTCNteWDpim
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan