smokeloader | b81e56bc74b0965ece946cf0e9bde0e1c75388726612ad49627559c1731a9a57 | Triage

Sharing

General

Target

b81e56bc74b0965ece946cf0e9bde0e1c75388726612ad49627559c1731a9a57
Size

291KB
Sample

240721-n4xvbs1hrm
MD5

f89f99695ae8c294b185de6263f3541e
SHA1

915f353694c733ede5bd895df91a89258c98e4e5
SHA256

b81e56bc74b0965ece946cf0e9bde0e1c75388726612ad49627559c1731a9a57
SHA512

35d394dacbe799b7f7e9d3c19683c69834ba794a544dd8f4b3b9c70eb17ea88d857f077591904f0c9ca974538504b044a73b496274cdaeeed189e457540a0519
SSDEEP

6144:3BkIW6Ra2XkSqOUOwuceakeDb9/VSyjA:612XkxO1wukttO

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  b81e56bc74b0965ece946cf0e9bde0e1c75388726612ad49627559c1731a9a57
- Size
  
  291KB
- MD5
  
  f89f99695ae8c294b185de6263f3541e
- SHA1
  
  915f353694c733ede5bd895df91a89258c98e4e5
- SHA256
  
  b81e56bc74b0965ece946cf0e9bde0e1c75388726612ad49627559c1731a9a57
- SHA512
  
  35d394dacbe799b7f7e9d3c19683c69834ba794a544dd8f4b3b9c70eb17ea88d857f077591904f0c9ca974538504b044a73b496274cdaeeed189e457540a0519
- SSDEEP
  
  6144:3BkIW6Ra2XkSqOUOwuceakeDb9/VSyjA:612XkxO1wukttO
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan