smokeloader | 8f202e5703eb13278255d433be2d5101a6e338b977e6f14acc9ad6abb196e3d8 | Triage

Sharing

General

Target

8f202e5703eb13278255d433be2d5101a6e338b977e6f14acc9ad6abb196e3d8
Size

301KB
Sample

240723-p6rxjatend
MD5

40bc35895a07c6e604c4a4f0d635849f
SHA1

0a3312d407aeb8f4b42c4321d89cb269546a3f13
SHA256

8f202e5703eb13278255d433be2d5101a6e338b977e6f14acc9ad6abb196e3d8
SHA512

2c176f272f1297e2d51458e0abbb9798662a12bd7d4382423351fd82fd590dcbaacfd7b4ce74947ab9f562ddf766c3b4814b0d910f45ffd2d5de1c48fb02ccd8
SSDEEP

3072:Qi7Z6iGod7VI0y0HZXrqFQwx+EspfKQ/VOM7SPSf+HNjaqGlmi1lv0F9Tu:QiIEBVE4ZXGNo3OMeu+UNl31N0F9T

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8f202e5703eb13278255d433be2d5101a6e338b977e6f14acc9ad6abb196e3d8
- Size
  
  301KB
- MD5
  
  40bc35895a07c6e604c4a4f0d635849f
- SHA1
  
  0a3312d407aeb8f4b42c4321d89cb269546a3f13
- SHA256
  
  8f202e5703eb13278255d433be2d5101a6e338b977e6f14acc9ad6abb196e3d8
- SHA512
  
  2c176f272f1297e2d51458e0abbb9798662a12bd7d4382423351fd82fd590dcbaacfd7b4ce74947ab9f562ddf766c3b4814b0d910f45ffd2d5de1c48fb02ccd8
- SSDEEP
  
  3072:Qi7Z6iGod7VI0y0HZXrqFQwx+EspfKQ/VOM7SPSf+HNjaqGlmi1lv0F9Tu:QiIEBVE4ZXGNo3OMeu+UNl31N0F9T
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan