smokeloader | a34234eec6bb8b0ef72efd3757e4c76078286002d4185c663f34f82c27cd847b | Triage

Sharing

General

Target

a34234eec6bb8b0ef72efd3757e4c76078286002d4185c663f34f82c27cd847b
Size

215KB
Sample

240813-bgfajswcma
MD5

7ca0e1ca54a04b852951ccb0e624539a
SHA1

51375c455658aed0d4dc7eeeb7d249cae7622cc6
SHA256

a34234eec6bb8b0ef72efd3757e4c76078286002d4185c663f34f82c27cd847b
SHA512

18bef1550b0704d1ca16f5ec470b19f6b897d7791b8e7da486e635509218a33146964f8f0546b503be8567565e6ac588ea0ef7e88fe42b250b765f8de203c9ad
SSDEEP

3072:sMZIrwUFVAenMN0WUAaKIgj7Ival8W/5J13c:GkNMNk7PH1

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  a34234eec6bb8b0ef72efd3757e4c76078286002d4185c663f34f82c27cd847b
- Size
  
  215KB
- MD5
  
  7ca0e1ca54a04b852951ccb0e624539a
- SHA1
  
  51375c455658aed0d4dc7eeeb7d249cae7622cc6
- SHA256
  
  a34234eec6bb8b0ef72efd3757e4c76078286002d4185c663f34f82c27cd847b
- SHA512
  
  18bef1550b0704d1ca16f5ec470b19f6b897d7791b8e7da486e635509218a33146964f8f0546b503be8567565e6ac588ea0ef7e88fe42b250b765f8de203c9ad
- SSDEEP
  
  3072:sMZIrwUFVAenMN0WUAaKIgj7Ival8W/5J13c:GkNMNk7PH1
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan