smokeloader | 822ea7e406c0dfb30e917f2353c18903fa7bde477db26a082aefd98492bb59d2 | Triage

Sharing

General

Target

822ea7e406c0dfb30e917f2353c18903fa7bde477db26a082aefd98492bb59d2
Size

383KB
Sample

240815-lp9jga1fpk
MD5

aa1d40cb1076984b217fb5f732af68d5
SHA1

1ef552a5fd719b979bd667ecb97ce1d0683c8349
SHA256

822ea7e406c0dfb30e917f2353c18903fa7bde477db26a082aefd98492bb59d2
SHA512

8e8f67745eaadb715a443bfcf463fa371846dda8dca253ada1d59e5b19daafe9b2aeaec882da1ae8bf27a2afc00ffd5d898dec7588afec78c9fbfeea33e9ce82
SSDEEP

6144:oT7uNcXiP3rNKoWiN6mIkXjfM5AcKyPSPNykJVsYO9L:oONcXiP3rUoWH0flcKyPSFyknsp

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  822ea7e406c0dfb30e917f2353c18903fa7bde477db26a082aefd98492bb59d2
- Size
  
  383KB
- MD5
  
  aa1d40cb1076984b217fb5f732af68d5
- SHA1
  
  1ef552a5fd719b979bd667ecb97ce1d0683c8349
- SHA256
  
  822ea7e406c0dfb30e917f2353c18903fa7bde477db26a082aefd98492bb59d2
- SHA512
  
  8e8f67745eaadb715a443bfcf463fa371846dda8dca253ada1d59e5b19daafe9b2aeaec882da1ae8bf27a2afc00ffd5d898dec7588afec78c9fbfeea33e9ce82
- SSDEEP
  
  6144:oT7uNcXiP3rNKoWiN6mIkXjfM5AcKyPSPNykJVsYO9L:oONcXiP3rUoWH0flcKyPSFyknsp
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan