smokeloader | 91dfc34bf5ecc186d6668ceb2acfab1fc16ba980b11954b0ce3c3dac7a82b44e | Triage

Sharing

General

Target

91dfc34bf5ecc186d6668ceb2acfab1fc16ba980b11954b0ce3c3dac7a82b44e
Size

326KB
Sample

240725-p8cwdssgqc
MD5

aeea166b4212d0a9efb77f5e0e8946d2
SHA1

90a6a2db59db8627b652222209ef5321740f09ad
SHA256

91dfc34bf5ecc186d6668ceb2acfab1fc16ba980b11954b0ce3c3dac7a82b44e
SHA512

37a9d8fc1f452bb46c01833a8c3cb77aa871711c674572fd4cf271b8649528a1071a6b9c43ef69f32e2cca52f8335141c3d93d98fd28a1c38430708d585f9496
SSDEEP

3072:6h3og3d7KbmYwObvB/7FJdiH+cH8nGPZpspUMnT1:aYgN7KbmYwAv97FJdS+iIKz+nT

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  91dfc34bf5ecc186d6668ceb2acfab1fc16ba980b11954b0ce3c3dac7a82b44e
- Size
  
  326KB
- MD5
  
  aeea166b4212d0a9efb77f5e0e8946d2
- SHA1
  
  90a6a2db59db8627b652222209ef5321740f09ad
- SHA256
  
  91dfc34bf5ecc186d6668ceb2acfab1fc16ba980b11954b0ce3c3dac7a82b44e
- SHA512
  
  37a9d8fc1f452bb46c01833a8c3cb77aa871711c674572fd4cf271b8649528a1071a6b9c43ef69f32e2cca52f8335141c3d93d98fd28a1c38430708d585f9496
- SSDEEP
  
  3072:6h3og3d7KbmYwObvB/7FJdiH+cH8nGPZpspUMnT1:aYgN7KbmYwAv97FJdS+iIKz+nT
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan