smokeloader | aed805f4ceacfdd7b451b3d7ddf2f5ed0ec20bb57db09941d44658f05d015311 | Triage

Sharing

General

Target

d023942a2f2728b48ed5e19b9aabd640N.exe
Size

215KB
Sample

240817-j94gvayhjk
MD5

d023942a2f2728b48ed5e19b9aabd640
SHA1

070a343ee74f1b2eebb7e6c1cdfe64be07dfd61f
SHA256

aed805f4ceacfdd7b451b3d7ddf2f5ed0ec20bb57db09941d44658f05d015311
SHA512

7639ced35c1132b3861dd8815dbdf0f9852eaa1310b778c34a7ae542206cbe9e23559538defa9aeff292047ed6d9b5185d533c821d6ba6f049974ec5f0e2a05e
SSDEEP

3072:+6uUpHi90z0M0KtmCDbFN4RBkIf7NZKBJaEMiM50Qyb3c:cUpdwitZN7Izk9WE

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d023942a2f2728b48ed5e19b9aabd640N.exe
- Size
  
  215KB
- MD5
  
  d023942a2f2728b48ed5e19b9aabd640
- SHA1
  
  070a343ee74f1b2eebb7e6c1cdfe64be07dfd61f
- SHA256
  
  aed805f4ceacfdd7b451b3d7ddf2f5ed0ec20bb57db09941d44658f05d015311
- SHA512
  
  7639ced35c1132b3861dd8815dbdf0f9852eaa1310b778c34a7ae542206cbe9e23559538defa9aeff292047ed6d9b5185d533c821d6ba6f049974ec5f0e2a05e
- SSDEEP
  
  3072:+6uUpHi90z0M0KtmCDbFN4RBkIf7NZKBJaEMiM50Qyb3c:cUpdwitZN7Izk9WE
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan