smokeloader | de349ff1a303744a1b3b7a405debb52bc2c3588cf0260bcc8a81888d1d7fa855 | Triage

Sharing

General

Target

de349ff1a303744a1b3b7a405debb52bc2c3588cf0260bcc8a81888d1d7fa855
Size

214KB
Sample

240808-x5dyaaxhrn
MD5

4666ef10e48d41420f8ddbe01a158e22
SHA1

9bd8908563928bb8c1168074a120b98d0c063fb2
SHA256

de349ff1a303744a1b3b7a405debb52bc2c3588cf0260bcc8a81888d1d7fa855
SHA512

afcbeb75e44d23fde1dd2d553446958249fc6ecbab07709009c5ee7e084f838212905e243804ddc748bb0920cf7a2e4fde64c5e23d1ac0e13a2535316dc89cff
SSDEEP

3072:BpLCDpyQFKpKbDmhAgRvvxGP87EpsFH59tf5jBH1:TLApyNpKbDmWgTs8YK5h

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  de349ff1a303744a1b3b7a405debb52bc2c3588cf0260bcc8a81888d1d7fa855
- Size
  
  214KB
- MD5
  
  4666ef10e48d41420f8ddbe01a158e22
- SHA1
  
  9bd8908563928bb8c1168074a120b98d0c063fb2
- SHA256
  
  de349ff1a303744a1b3b7a405debb52bc2c3588cf0260bcc8a81888d1d7fa855
- SHA512
  
  afcbeb75e44d23fde1dd2d553446958249fc6ecbab07709009c5ee7e084f838212905e243804ddc748bb0920cf7a2e4fde64c5e23d1ac0e13a2535316dc89cff
- SSDEEP
  
  3072:BpLCDpyQFKpKbDmhAgRvvxGP87EpsFH59tf5jBH1:TLApyNpKbDmWgTs8YK5h
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan