smokeloader | bbe27108a9811495b8fa554629cc968c8b93dcb9286df861579f87bb3ca7d6f9 | Triage

Sharing

General

Target

bbe27108a9811495b8fa554629cc968c8b93dcb9286df861579f87bb3ca7d6f9
Size

414KB
Sample

240813-fjbglazfmk
MD5

0f8cadb3a394792956bb8f35d695ab38
SHA1

dc1a34b2f1cc9363b3d6d86a9761618182297568
SHA256

bbe27108a9811495b8fa554629cc968c8b93dcb9286df861579f87bb3ca7d6f9
SHA512

59cf31248f3bc13372d4dd10c5f7589a8717f77511d0ba883da2cac45863d88b6220e3faaf31e4b25cdb19628a08d7559ecf32b32bae48ead5d3194e9f107889
SSDEEP

12288:LqSkuk4zM7ITODu1AN8Jt3ELUvXpYuKmrhSC1wAG:LqIzHa4ANItUwSYACi7

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  bbe27108a9811495b8fa554629cc968c8b93dcb9286df861579f87bb3ca7d6f9
- Size
  
  414KB
- MD5
  
  0f8cadb3a394792956bb8f35d695ab38
- SHA1
  
  dc1a34b2f1cc9363b3d6d86a9761618182297568
- SHA256
  
  bbe27108a9811495b8fa554629cc968c8b93dcb9286df861579f87bb3ca7d6f9
- SHA512
  
  59cf31248f3bc13372d4dd10c5f7589a8717f77511d0ba883da2cac45863d88b6220e3faaf31e4b25cdb19628a08d7559ecf32b32bae48ead5d3194e9f107889
- SSDEEP
  
  12288:LqSkuk4zM7ITODu1AN8Jt3ELUvXpYuKmrhSC1wAG:LqIzHa4ANItUwSYACi7
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan