smokeloader | 7ca8cab1c814c0d163bedf7b1f73b854babf1dfee89d8fbb556548ffbffe1e0b | Triage

Sharing

General

Target

7ca8cab1c814c0d163bedf7b1f73b854babf1dfee89d8fbb556548ffbffe1e0b
Size

180KB
Sample

240722-gb8yka1erq
MD5

592e00a97f577df4ab8b6a8b6bb2d7de
SHA1

27dde52581900240795f1c9c6dc21bc3254aeac9
SHA256

7ca8cab1c814c0d163bedf7b1f73b854babf1dfee89d8fbb556548ffbffe1e0b
SHA512

7c47af687db719bdf03838e5b27477426888433af768be99a07cd5914ad6e449eddb28f5483f756ce39e3ada820bfb648106040ed88e0add0692ff1d1974f1ed
SSDEEP

3072:a/17ILPD1mazhB2Uj/adv6qg8dXeSRIZ5b93/iuH63JBXETBS:PLL1mab2MGfdeSSFWGS

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  7ca8cab1c814c0d163bedf7b1f73b854babf1dfee89d8fbb556548ffbffe1e0b
- Size
  
  180KB
- MD5
  
  592e00a97f577df4ab8b6a8b6bb2d7de
- SHA1
  
  27dde52581900240795f1c9c6dc21bc3254aeac9
- SHA256
  
  7ca8cab1c814c0d163bedf7b1f73b854babf1dfee89d8fbb556548ffbffe1e0b
- SHA512
  
  7c47af687db719bdf03838e5b27477426888433af768be99a07cd5914ad6e449eddb28f5483f756ce39e3ada820bfb648106040ed88e0add0692ff1d1974f1ed
- SSDEEP
  
  3072:a/17ILPD1mazhB2Uj/adv6qg8dXeSRIZ5b93/iuH63JBXETBS:PLL1mab2MGfdeSSFWGS
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan