smokeloader | 456f32e54488cbe06a233f124c672382038f4afb2439826372d670956a028021 | Triage

Sharing

General

Target

456f32e54488cbe06a233f124c672382038f4afb2439826372d670956a028021
Size

421KB
Sample

240813-q9mmnasbnr
MD5

d613c372fc5182617c3bbe431061acd2
SHA1

879d5f18fe5c84b5b970715043c864164fb271ca
SHA256

456f32e54488cbe06a233f124c672382038f4afb2439826372d670956a028021
SHA512

bb17682856f03e59d3b8799c44aa17a2227ed56d64994a7271c4901ff9b72b125e6c0ac1d58da2936bb97502e3c9698d5705157c3b50d754c3476a78de98b406
SSDEEP

12288:+4ddKXA5SpqgqbE5hS9sbfy0xAwjuICC0:+Gb5/bEnCmy6cIC/

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  456f32e54488cbe06a233f124c672382038f4afb2439826372d670956a028021
- Size
  
  421KB
- MD5
  
  d613c372fc5182617c3bbe431061acd2
- SHA1
  
  879d5f18fe5c84b5b970715043c864164fb271ca
- SHA256
  
  456f32e54488cbe06a233f124c672382038f4afb2439826372d670956a028021
- SHA512
  
  bb17682856f03e59d3b8799c44aa17a2227ed56d64994a7271c4901ff9b72b125e6c0ac1d58da2936bb97502e3c9698d5705157c3b50d754c3476a78de98b406
- SSDEEP
  
  12288:+4ddKXA5SpqgqbE5hS9sbfy0xAwjuICC0:+Gb5/bEnCmy6cIC/
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan