smokeloader | 2d3f9a0110aec4d6069acf2d9c6b7698f4a071726e5ed89c69a4db174cb8d126 | Triage

Resubmissions

25-07-2024 14:59

240725-sctqtaxhra 10

24-07-2024 23:51

240724-3v6s7svcql 10

Sharing

General

Target

2d3f9a0110aec4d6069acf2d9c6b7698f4a071726e5ed89c69a4db174cb8d126
Size

151KB
Sample

240724-3v6s7svcql
MD5

c6a3b8e87b08c6e731dd0b47f2c37da6
SHA1

5e7b4790461dc6b585a9178f9839b6c05416165e
SHA256

2d3f9a0110aec4d6069acf2d9c6b7698f4a071726e5ed89c69a4db174cb8d126
SHA512

e0cd23eb011966dcc574a39a4d7933ec2fcb8d4bea581d5224c52b839028b6e01e864bc288d2d6b65030073f3885de39941f9bffa102828e7bd80b787d2b97bb
SSDEEP

3072:sDZLdJII7/nCymM5In87Q5bcXmq8LRnN7ki:sVLdJIs/n+M5qc2HQi

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2d3f9a0110aec4d6069acf2d9c6b7698f4a071726e5ed89c69a4db174cb8d126
- Size
  
  151KB
- MD5
  
  c6a3b8e87b08c6e731dd0b47f2c37da6
- SHA1
  
  5e7b4790461dc6b585a9178f9839b6c05416165e
- SHA256
  
  2d3f9a0110aec4d6069acf2d9c6b7698f4a071726e5ed89c69a4db174cb8d126
- SHA512
  
  e0cd23eb011966dcc574a39a4d7933ec2fcb8d4bea581d5224c52b839028b6e01e864bc288d2d6b65030073f3885de39941f9bffa102828e7bd80b787d2b97bb
- SSDEEP
  
  3072:sDZLdJII7/nCymM5In87Q5bcXmq8LRnN7ki:sVLdJIs/n+M5qc2HQi
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan