smokeloader | f59856ac92f77d4d44bdf570dd35ac3b6d9eb9e80a2cf2679669e9ae0e93859b | Triage

Sharing

General

Target

f59856ac92f77d4d44bdf570dd35ac3b6d9eb9e80a2cf2679669e9ae0e93859b
Size

258KB
Sample

240816-y3ktgsyblq
MD5

be420593d4fed97aa04f4e15ad0dac42
SHA1

593e055e7e734e9bc6dc1b7a585553cada47cbfd
SHA256

f59856ac92f77d4d44bdf570dd35ac3b6d9eb9e80a2cf2679669e9ae0e93859b
SHA512

37a5e88f94ee0f3ca35826a60ccf513f04208e4f04ccbd89243bb01792e15e2ddf11241286d2d3d7c6375b92f8a2c0af6705f9bcf28c5ccccd4e2217b3951c89
SSDEEP

3072:DTBr1brskIwTYAeGO8ffDyJ1ve55tTfCT7LfV6gV6mr:LJpdOJ58KrYVm

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  f59856ac92f77d4d44bdf570dd35ac3b6d9eb9e80a2cf2679669e9ae0e93859b
- Size
  
  258KB
- MD5
  
  be420593d4fed97aa04f4e15ad0dac42
- SHA1
  
  593e055e7e734e9bc6dc1b7a585553cada47cbfd
- SHA256
  
  f59856ac92f77d4d44bdf570dd35ac3b6d9eb9e80a2cf2679669e9ae0e93859b
- SHA512
  
  37a5e88f94ee0f3ca35826a60ccf513f04208e4f04ccbd89243bb01792e15e2ddf11241286d2d3d7c6375b92f8a2c0af6705f9bcf28c5ccccd4e2217b3951c89
- SSDEEP
  
  3072:DTBr1brskIwTYAeGO8ffDyJ1ve55tTfCT7LfV6gV6mr:LJpdOJ58KrYVm
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan