smokeloader | f51b97f6816ab443b5652bf340c562927152b27da26a08a04b4b79f7cebd655e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2495fd485b2dc758409a8c11c1478c84.exe
Size

234KB
Sample

240719-m1nxksxdnq
MD5

2495fd485b2dc758409a8c11c1478c84
SHA1

95087c41bc5f447de40a933632c3ba2366a01ebd
SHA256

f51b97f6816ab443b5652bf340c562927152b27da26a08a04b4b79f7cebd655e
SHA512

b2f7a8d3b7e8165241c6885747013bf08ca093018c0a0901f2203f7ebe5ec01f96b406baf51e1ceca7f4df014913c212f2ccf0a9c537ff7a865b0410a84d59a8
SSDEEP

3072:VqOv4bsDSYUJGOgjaxR7c7jinTkFwadH/JyRhyxwGlSlejtuIE:VqORfOGOgjw78mTkFjRqyxblSlYuI

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2495fd485b2dc758409a8c11c1478c84.exe
- Size
  
  234KB
- MD5
  
  2495fd485b2dc758409a8c11c1478c84
- SHA1
  
  95087c41bc5f447de40a933632c3ba2366a01ebd
- SHA256
  
  f51b97f6816ab443b5652bf340c562927152b27da26a08a04b4b79f7cebd655e
- SHA512
  
  b2f7a8d3b7e8165241c6885747013bf08ca093018c0a0901f2203f7ebe5ec01f96b406baf51e1ceca7f4df014913c212f2ccf0a9c537ff7a865b0410a84d59a8
- SSDEEP
  
  3072:VqOv4bsDSYUJGOgjaxR7c7jinTkFwadH/JyRhyxwGlSlejtuIE:VqORfOGOgjw78mTkFjRqyxblSlYuI
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan