smokeloader | 39ca9900b5a1aaff6a218a56884f8c235263e3eb4e64c325b357fb028295f0a5 | Triage

Sharing

General

Target

39ca9900b5a1aaff6a218a56884f8c235263e3eb4e64c325b357fb028295f0a5
Size

300KB
Sample

240723-g7lsxasepm
MD5

36048151718279b84488ecbe9e41acd7
SHA1

41d70db37f8bdbaeda04853c780fc7bc8da09b70
SHA256

39ca9900b5a1aaff6a218a56884f8c235263e3eb4e64c325b357fb028295f0a5
SHA512

1d68c28ca5a264fc9ebe64b45266382b29bf2ceee46dbebdb2983ea426c3a954ff37089b847a5b7916897aa6a05c6018f73aa2b5069c7cdc321c18b4f170de87
SSDEEP

3072:QfN2c1jZ3Q9VUGXXk0V7/06GgsOnMeCRzhy53GYkWHfF+6sTCdfv9GTi:QtdAUGnJJM6GgwTtM/DfFBFlGT

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  39ca9900b5a1aaff6a218a56884f8c235263e3eb4e64c325b357fb028295f0a5
- Size
  
  300KB
- MD5
  
  36048151718279b84488ecbe9e41acd7
- SHA1
  
  41d70db37f8bdbaeda04853c780fc7bc8da09b70
- SHA256
  
  39ca9900b5a1aaff6a218a56884f8c235263e3eb4e64c325b357fb028295f0a5
- SHA512
  
  1d68c28ca5a264fc9ebe64b45266382b29bf2ceee46dbebdb2983ea426c3a954ff37089b847a5b7916897aa6a05c6018f73aa2b5069c7cdc321c18b4f170de87
- SSDEEP
  
  3072:QfN2c1jZ3Q9VUGXXk0V7/06GgsOnMeCRzhy53GYkWHfF+6sTCdfv9GTi:QtdAUGnJJM6GgwTtM/DfFBFlGT
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan