smokeloader | 8e2a205ef6df9ab6668159e362f54b41d596050e5980a6eb4e6dae6413b5085c | Triage

Sharing

General

Target

8e2a205ef6df9ab6668159e362f54b41d596050e5980a6eb4e6dae6413b5085c
Size

233KB
Sample

240725-zdrq6swfmd
MD5

0a7b43626f491c519a5e3474167e6a76
SHA1

74fac1b4bf1a2349e7d19b177940be807d976b54
SHA256

8e2a205ef6df9ab6668159e362f54b41d596050e5980a6eb4e6dae6413b5085c
SHA512

843c0ae6ca233050e75550208b0cb18d746c81169168a029ddc9c990bed186bf0a71a081da11e290a322185d60eed03a4d69618b478a9ecabc917424a601adbf
SSDEEP

3072:DHHNw9sZxXJjqK44yyqDK4leLkovgrjT3Zn/8m4qOo9/TH:rtw9sZxX8KteKo8kUgrjxKo9/T

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8e2a205ef6df9ab6668159e362f54b41d596050e5980a6eb4e6dae6413b5085c
- Size
  
  233KB
- MD5
  
  0a7b43626f491c519a5e3474167e6a76
- SHA1
  
  74fac1b4bf1a2349e7d19b177940be807d976b54
- SHA256
  
  8e2a205ef6df9ab6668159e362f54b41d596050e5980a6eb4e6dae6413b5085c
- SHA512
  
  843c0ae6ca233050e75550208b0cb18d746c81169168a029ddc9c990bed186bf0a71a081da11e290a322185d60eed03a4d69618b478a9ecabc917424a601adbf
- SSDEEP
  
  3072:DHHNw9sZxXJjqK44yyqDK4leLkovgrjT3Zn/8m4qOo9/TH:rtw9sZxX8KteKo8kUgrjxKo9/T
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan