smokeloader | c08a02def5981aa33689ac0cfcfb441cacfd1ab90390ad6a804442715d6bc108 | Triage

Sharing

General

Target

c08a02def5981aa33689ac0cfcfb441cacfd1ab90390ad6a804442715d6bc108
Size

259KB
Sample

240814-vnfdnstckh
MD5

bb4af1a2a7ca1acce1d5c2306729d0d2
SHA1

d9c559cbd4b4806d171d643652d192c9b7d0dabc
SHA256

c08a02def5981aa33689ac0cfcfb441cacfd1ab90390ad6a804442715d6bc108
SHA512

b190f74faf9b334bad804493c665b6b58014ec0361461b358b7c2a24f354ce211cbc362ea15d8c95f680d8fd4f4f3178f19f35230ef12a7d4725b0a507db6ff3
SSDEEP

3072:2BNe/6rDRZEBo5/Xr0cqhV256s22B9mVf59AwiAhAb:2BNe/6nReOT09XViW

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  c08a02def5981aa33689ac0cfcfb441cacfd1ab90390ad6a804442715d6bc108
- Size
  
  259KB
- MD5
  
  bb4af1a2a7ca1acce1d5c2306729d0d2
- SHA1
  
  d9c559cbd4b4806d171d643652d192c9b7d0dabc
- SHA256
  
  c08a02def5981aa33689ac0cfcfb441cacfd1ab90390ad6a804442715d6bc108
- SHA512
  
  b190f74faf9b334bad804493c665b6b58014ec0361461b358b7c2a24f354ce211cbc362ea15d8c95f680d8fd4f4f3178f19f35230ef12a7d4725b0a507db6ff3
- SSDEEP
  
  3072:2BNe/6rDRZEBo5/Xr0cqhV256s22B9mVf59AwiAhAb:2BNe/6nReOT09XViW
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan