smokeloader | 154aad6fa244bbbf1b7d740a3553c66d2bc10735a18641abeda60162fc1fcdc0 | Triage

Sharing

General

Target

154aad6fa244bbbf1b7d740a3553c66d2bc10735a18641abeda60162fc1fcdc0.exe
Size

367KB
Sample

240715-slp4zszblg
MD5

594d02362194ea0d57399327bbea5044
SHA1

7b61ed6de89af4971072504fa3d2a750395be054
SHA256

154aad6fa244bbbf1b7d740a3553c66d2bc10735a18641abeda60162fc1fcdc0
SHA512

ca1aa68e2fd19cc5447d2621134b0e529182f189b2038c2d32a7c19ee1258200322603c769521cabf9a8401c6bef799c6bb36140187dcb0462441536676cc470
SSDEEP

3072:JTEOTTn0vMVaHzIVEX2sg3VktbQ0+NyxaWtls24E/ZX2CQvTH:JlTTn0vMcIVEX2sgoc0+k3ls27VDQvT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  154aad6fa244bbbf1b7d740a3553c66d2bc10735a18641abeda60162fc1fcdc0.exe
- Size
  
  367KB
- MD5
  
  594d02362194ea0d57399327bbea5044
- SHA1
  
  7b61ed6de89af4971072504fa3d2a750395be054
- SHA256
  
  154aad6fa244bbbf1b7d740a3553c66d2bc10735a18641abeda60162fc1fcdc0
- SHA512
  
  ca1aa68e2fd19cc5447d2621134b0e529182f189b2038c2d32a7c19ee1258200322603c769521cabf9a8401c6bef799c6bb36140187dcb0462441536676cc470
- SSDEEP
  
  3072:JTEOTTn0vMVaHzIVEX2sg3VktbQ0+NyxaWtls24E/ZX2CQvTH:JlTTn0vMcIVEX2sgoc0+k3ls27VDQvT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan