smokeloader | 85a779d325468b14e8bea7239659b4b73b53c099bd04500bd2d118704ea652f5 | Triage

Sharing

General

Target

85a779d325468b14e8bea7239659b4b73b53c099bd04500bd2d118704ea652f5
Size

402KB
Sample

240809-v6134axckd
MD5

f05d72592a38ba69c03648463efb857d
SHA1

fc8cf62f4bc735e227f3ee9dd649fd582200b8bf
SHA256

85a779d325468b14e8bea7239659b4b73b53c099bd04500bd2d118704ea652f5
SHA512

79b525146408351e981077ba72c19d97136981acf8a1e0b625a1f4919423f453144469e88528e7e2652140950c04cebe87b0edbc775a6c5ac2d380ee10e0886f
SSDEEP

6144:Wi8ufI8nXLA2U8BQOVSkN2jVgDhLdFwsHD98nFoLNTj:Wi8qI8XLAJgXj98Fwj

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  85a779d325468b14e8bea7239659b4b73b53c099bd04500bd2d118704ea652f5
- Size
  
  402KB
- MD5
  
  f05d72592a38ba69c03648463efb857d
- SHA1
  
  fc8cf62f4bc735e227f3ee9dd649fd582200b8bf
- SHA256
  
  85a779d325468b14e8bea7239659b4b73b53c099bd04500bd2d118704ea652f5
- SHA512
  
  79b525146408351e981077ba72c19d97136981acf8a1e0b625a1f4919423f453144469e88528e7e2652140950c04cebe87b0edbc775a6c5ac2d380ee10e0886f
- SSDEEP
  
  6144:Wi8ufI8nXLA2U8BQOVSkN2jVgDhLdFwsHD98nFoLNTj:Wi8qI8XLAJgXj98Fwj
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan