smokeloader | 394e9ac3df2bdc28a437c1af683aec0f1762d484845f4bdf951a5c335d23d544 | Triage

Sharing

General

Target

394e9ac3df2bdc28a437c1af683aec0f1762d484845f4bdf951a5c335d23d544
Size

227KB
Sample

240726-p93hfasgra
MD5

aa285679c757d37f249668c6077e5f1d
SHA1

1d95b62bb8835947661592bbca8cf4a8ad172b1d
SHA256

394e9ac3df2bdc28a437c1af683aec0f1762d484845f4bdf951a5c335d23d544
SHA512

225d7f61e30a0cafa1e8387626c00ac265f2e2077246578b4bfa322b8eac75558cb8da869f6a68da3a4fd3f56873116cb2b2c8015920079c4304a342ed0b2c16
SSDEEP

3072:mXPaY24ng+0cHa8MUwgbM5ZV4areBpIDuIex+U6v/txd:gPz24ng8Hav0+V4arKpJI5U6v1

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  394e9ac3df2bdc28a437c1af683aec0f1762d484845f4bdf951a5c335d23d544
- Size
  
  227KB
- MD5
  
  aa285679c757d37f249668c6077e5f1d
- SHA1
  
  1d95b62bb8835947661592bbca8cf4a8ad172b1d
- SHA256
  
  394e9ac3df2bdc28a437c1af683aec0f1762d484845f4bdf951a5c335d23d544
- SHA512
  
  225d7f61e30a0cafa1e8387626c00ac265f2e2077246578b4bfa322b8eac75558cb8da869f6a68da3a4fd3f56873116cb2b2c8015920079c4304a342ed0b2c16
- SSDEEP
  
  3072:mXPaY24ng+0cHa8MUwgbM5ZV4areBpIDuIex+U6v/txd:gPz24ng8Hav0+V4arKpJI5U6v1
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan