smokeloader | 8f5e88d509638934142520056b1f3ac972ffd357e7e827444816a35ddaf93365 | Triage

Sharing

General

Target

8f5e88d509638934142520056b1f3ac972ffd357e7e827444816a35ddaf93365
Size

243KB
Sample

240814-rl82es1frk
MD5

4d78766dc0c17d460eb63efdb6edec12
SHA1

e06cc01cbbdb3a60719b2e6a35be99a1887e69f2
SHA256

8f5e88d509638934142520056b1f3ac972ffd357e7e827444816a35ddaf93365
SHA512

17e3c8a49b988e68e7b1fb47b94009666c661a434c0aa4a7dd8615d5e0e678a9b0d8b1adb21afed54a48347b50f537df04c345d52b5f3db53fa79c34b2974c9e
SSDEEP

1536:tkdQz0qNLQh8oftM5mUujLRsuMdWqj/Yq51dS4PU/OS1IxTC8SyH9Y51hG/LO2nT:rzNUf/dsuMA/qXrs/NfT3fhIgpB5IuO

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  8f5e88d509638934142520056b1f3ac972ffd357e7e827444816a35ddaf93365
- Size
  
  243KB
- MD5
  
  4d78766dc0c17d460eb63efdb6edec12
- SHA1
  
  e06cc01cbbdb3a60719b2e6a35be99a1887e69f2
- SHA256
  
  8f5e88d509638934142520056b1f3ac972ffd357e7e827444816a35ddaf93365
- SHA512
  
  17e3c8a49b988e68e7b1fb47b94009666c661a434c0aa4a7dd8615d5e0e678a9b0d8b1adb21afed54a48347b50f537df04c345d52b5f3db53fa79c34b2974c9e
- SSDEEP
  
  1536:tkdQz0qNLQh8oftM5mUujLRsuMdWqj/Yq51dS4PU/OS1IxTC8SyH9Y51hG/LO2nT:rzNUf/dsuMA/qXrs/NfT3fhIgpB5IuO
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan