smokeloader | 07d99c05476f530ed8c3028f6b8ee1fe17cdaf378a6ca66d87e11e3a2b5cbf16 | Triage

Sharing

General

Target

07d99c05476f530ed8c3028f6b8ee1fe17cdaf378a6ca66d87e11e3a2b5cbf16
Size

399KB
Sample

240815-hk9rwsvfqp
MD5

6ef011f2258ab71ee248d476e1e816ac
SHA1

4212e8a3be3a3cfc90679609269b50bfd4d58bf4
SHA256

07d99c05476f530ed8c3028f6b8ee1fe17cdaf378a6ca66d87e11e3a2b5cbf16
SHA512

632101239775de60abc2f0f235fbf52a404981090856f0b54eeece1bdcddbc768e1264eaf2c0730194b7b756f6b3bbfae6ee89075a8b1d4693f24157b5124819
SSDEEP

6144:FVod0MHLEmjpVdjt9gQ89vOFlRq2oHOriZ7tEbKc1T:FVo0MHLEedh9iMJ1ourc5EJ

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  07d99c05476f530ed8c3028f6b8ee1fe17cdaf378a6ca66d87e11e3a2b5cbf16
- Size
  
  399KB
- MD5
  
  6ef011f2258ab71ee248d476e1e816ac
- SHA1
  
  4212e8a3be3a3cfc90679609269b50bfd4d58bf4
- SHA256
  
  07d99c05476f530ed8c3028f6b8ee1fe17cdaf378a6ca66d87e11e3a2b5cbf16
- SHA512
  
  632101239775de60abc2f0f235fbf52a404981090856f0b54eeece1bdcddbc768e1264eaf2c0730194b7b756f6b3bbfae6ee89075a8b1d4693f24157b5124819
- SSDEEP
  
  6144:FVod0MHLEmjpVdjt9gQ89vOFlRq2oHOriZ7tEbKc1T:FVo0MHLEedh9iMJ1ourc5EJ
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan