smokeloader | 792c944b3c9e0a15c8233446ec00385e06f8c8f445ae66d7e93967aa961e7996 | Triage

Sharing

General

Target

be1c79275d836696a00b258d15a8b337a8c9beb8198a5bd3d5aaf64d660c8005_dump.exe
Size

30KB
Sample

240724-2js8asvamf
MD5

489d6751ff768244a1fb6e92eccb089e
SHA1

8ec40596f81f2303a6f86b7d26a5866930942875
SHA256

792c944b3c9e0a15c8233446ec00385e06f8c8f445ae66d7e93967aa961e7996
SHA512

dd76f3e45f3fb7db36fa8f0b15b84a4c6ee8af78e25364477b48ff9311ff62d26548283d78b68205eddd7b3342de2f910078cfcb14a201a6f1f37c65b76a6e5c
SSDEEP

768:LFEQSlgTxoOTrx59g2/4hlUzWzPY7yS78PN/oUA:LFEQSoC8x5954LUzWE717gN/oUA

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  be1c79275d836696a00b258d15a8b337a8c9beb8198a5bd3d5aaf64d660c8005_dump.exe
- Size
  
  30KB
- MD5
  
  489d6751ff768244a1fb6e92eccb089e
- SHA1
  
  8ec40596f81f2303a6f86b7d26a5866930942875
- SHA256
  
  792c944b3c9e0a15c8233446ec00385e06f8c8f445ae66d7e93967aa961e7996
- SHA512
  
  dd76f3e45f3fb7db36fa8f0b15b84a4c6ee8af78e25364477b48ff9311ff62d26548283d78b68205eddd7b3342de2f910078cfcb14a201a6f1f37c65b76a6e5c
- SSDEEP
  
  768:LFEQSlgTxoOTrx59g2/4hlUzWzPY7yS78PN/oUA:LFEQSoC8x5954LUzWE717gN/oUA
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan