smokeloader | 6346bfea3c5ec790fd8a546e903212c27e4c0a92afbfe5a1e898aab2908c0fb0 | Triage

Sharing

General

Target

6346bfea3c5ec790fd8a546e903212c27e4c0a92afbfe5a1e898aab2908c0fb0
Size

180KB
Sample

240722-t1pbnswgmg
MD5

e86fda50bcf640c4133b5126b377d3cc
SHA1

ffdd2430840d6e0c4a01249f6f9b6fe656900ac7
SHA256

6346bfea3c5ec790fd8a546e903212c27e4c0a92afbfe5a1e898aab2908c0fb0
SHA512

d6fb988ed25726d0020ec71999d9e493e8bb164a38cd926c0894426cb2765d620285ed0daf2e312931ff8b38c935498da1c1988dbe8231d6853192f4d834bf0c
SSDEEP

3072:gfY21LEKKfgbaTrVCoPdSnLtFU0hvne5EtPefrBXETBS:G1LNegWvUolSzSGS

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  6346bfea3c5ec790fd8a546e903212c27e4c0a92afbfe5a1e898aab2908c0fb0
- Size
  
  180KB
- MD5
  
  e86fda50bcf640c4133b5126b377d3cc
- SHA1
  
  ffdd2430840d6e0c4a01249f6f9b6fe656900ac7
- SHA256
  
  6346bfea3c5ec790fd8a546e903212c27e4c0a92afbfe5a1e898aab2908c0fb0
- SHA512
  
  d6fb988ed25726d0020ec71999d9e493e8bb164a38cd926c0894426cb2765d620285ed0daf2e312931ff8b38c935498da1c1988dbe8231d6853192f4d834bf0c
- SSDEEP
  
  3072:gfY21LEKKfgbaTrVCoPdSnLtFU0hvne5EtPefrBXETBS:G1LNegWvUolSzSGS
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan