smokeloader | d8c24b92ac0aca4293597e1489303efe60c2e53b801c84982ee9922fe8954980 | Triage

Sharing

General

Target

d8c24b92ac0aca4293597e1489303efe60c2e53b801c84982ee9922fe8954980
Size

292KB
Sample

240721-1rk18awfpc
MD5

e7b840081c0c20e250df231ccc015f77
SHA1

88a5644407aac9e30e3399ef288b610f8ea4329f
SHA256

d8c24b92ac0aca4293597e1489303efe60c2e53b801c84982ee9922fe8954980
SHA512

8ec2fb11a0b9398e6c8c202d57d58d1b06d1b9887015d1bec3f02b3ec7a1cdafa67582b5da3996c182849af2c0a56842c8df50617ab038a488016a57cc9b4534
SSDEEP

6144:v+ko/BWNtwLnKMfGKCMn7rbHvinQX3KUS+/r:k8NOLnKMfGgnz3vz

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d8c24b92ac0aca4293597e1489303efe60c2e53b801c84982ee9922fe8954980
- Size
  
  292KB
- MD5
  
  e7b840081c0c20e250df231ccc015f77
- SHA1
  
  88a5644407aac9e30e3399ef288b610f8ea4329f
- SHA256
  
  d8c24b92ac0aca4293597e1489303efe60c2e53b801c84982ee9922fe8954980
- SHA512
  
  8ec2fb11a0b9398e6c8c202d57d58d1b06d1b9887015d1bec3f02b3ec7a1cdafa67582b5da3996c182849af2c0a56842c8df50617ab038a488016a57cc9b4534
- SSDEEP
  
  6144:v+ko/BWNtwLnKMfGKCMn7rbHvinQX3KUS+/r:k8NOLnKMfGgnz3vz
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan