smokeloader | 79a63a9a41645adb2d5ec7258278f8b235bcda0ab1d0e3c99272cd9b21c8fe32 | Triage

Sharing

General

Target

79a63a9a41645adb2d5ec7258278f8b235bcda0ab1d0e3c99272cd9b21c8fe32
Size

382KB
Sample

240815-z6pghszanj
MD5

e6cbc5744b8597bb6f7998f34e05d013
SHA1

ed5557453914abd52d314a9d1acde27cf0ac1faa
SHA256

79a63a9a41645adb2d5ec7258278f8b235bcda0ab1d0e3c99272cd9b21c8fe32
SHA512

758ff286e4b19f40d2400772e49f71355f6a6020cd207e05be95de88d5d4861876aab211a5b121e2ec83c83ac43fdbbe2bdc851b121e904baa7aada5bf92a531
SSDEEP

6144:gCv/9dRKkLpn2NGhSlLZbhFeWF7aNZuvkFeHCjM/II:gCv/9dwkLpLhOqmYuvkFC+M/II

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  79a63a9a41645adb2d5ec7258278f8b235bcda0ab1d0e3c99272cd9b21c8fe32
- Size
  
  382KB
- MD5
  
  e6cbc5744b8597bb6f7998f34e05d013
- SHA1
  
  ed5557453914abd52d314a9d1acde27cf0ac1faa
- SHA256
  
  79a63a9a41645adb2d5ec7258278f8b235bcda0ab1d0e3c99272cd9b21c8fe32
- SHA512
  
  758ff286e4b19f40d2400772e49f71355f6a6020cd207e05be95de88d5d4861876aab211a5b121e2ec83c83ac43fdbbe2bdc851b121e904baa7aada5bf92a531
- SSDEEP
  
  6144:gCv/9dRKkLpn2NGhSlLZbhFeWF7aNZuvkFeHCjM/II:gCv/9dwkLpLhOqmYuvkFC+M/II
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan