smokeloader | 709028ffdd20bc238b72884eb2810bfc78875ef9ca447f66ea21b7dfbb5d1b07 | Triage

Sharing

General

Target

709028ffdd20bc238b72884eb2810bfc78875ef9ca447f66ea21b7dfbb5d1b07
Size

293KB
Sample

240721-vbshgaxfmr
MD5

93ea2afba4fdfdd6fdc039f77dda145b
SHA1

bf6340e84224c146997ba805f9f8862c4d91ebd0
SHA256

709028ffdd20bc238b72884eb2810bfc78875ef9ca447f66ea21b7dfbb5d1b07
SHA512

b8f8ab6c8351d445c8e2978b81bc2e9e13a040609598d3ecf9a0e50f4b9179a0a6303ad665cbc8cf719c004ff991895a9b936fa5a008e7e70309c61af6d8b93e
SSDEEP

3072:x+tTxPHjJziNwlLLSnOn3XbqHLsIZ5xYK81H8GEpJB62B+g8JU9/OWQqVDfX3a:x+tRDNiNwVWnO3rqHLT8+FdB+PJYX/3

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  709028ffdd20bc238b72884eb2810bfc78875ef9ca447f66ea21b7dfbb5d1b07
- Size
  
  293KB
- MD5
  
  93ea2afba4fdfdd6fdc039f77dda145b
- SHA1
  
  bf6340e84224c146997ba805f9f8862c4d91ebd0
- SHA256
  
  709028ffdd20bc238b72884eb2810bfc78875ef9ca447f66ea21b7dfbb5d1b07
- SHA512
  
  b8f8ab6c8351d445c8e2978b81bc2e9e13a040609598d3ecf9a0e50f4b9179a0a6303ad665cbc8cf719c004ff991895a9b936fa5a008e7e70309c61af6d8b93e
- SSDEEP
  
  3072:x+tTxPHjJziNwlLLSnOn3XbqHLsIZ5xYK81H8GEpJB62B+g8JU9/OWQqVDfX3a:x+tRDNiNwVWnO3rqHLT8+FdB+PJYX/3
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan