smokeloader | 18b275bc2019a1023703c48af79133bc6bdfce5ea68b72837c3ea96244d0ea7d | Triage

Sharing

General

Target

18b275bc2019a1023703c48af79133bc6bdfce5ea68b72837c3ea96244d0ea7d.exe
Size

211KB
Sample

240820-bgrzcazdlk
MD5

bead29639262d9e62e74e23eb65eb480
SHA1

bff76800b0eafca77ce5db423ceaed0a1885962b
SHA256

18b275bc2019a1023703c48af79133bc6bdfce5ea68b72837c3ea96244d0ea7d
SHA512

d2f0ffed0d8443958610abc7f601153089a1e2a209b180ee81e99e2bf4b2756380481731dae2bae1617fb81f875f43d08e72372004a9fe793711a4f3e2ea9ba4
SSDEEP

3072:+nLAF9Hh1ixm20saYC5uyq/pkxePmxGj49wBv5vFa:SLAF9B8q3YKurpRgJWa

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  18b275bc2019a1023703c48af79133bc6bdfce5ea68b72837c3ea96244d0ea7d.exe
- Size
  
  211KB
- MD5
  
  bead29639262d9e62e74e23eb65eb480
- SHA1
  
  bff76800b0eafca77ce5db423ceaed0a1885962b
- SHA256
  
  18b275bc2019a1023703c48af79133bc6bdfce5ea68b72837c3ea96244d0ea7d
- SHA512
  
  d2f0ffed0d8443958610abc7f601153089a1e2a209b180ee81e99e2bf4b2756380481731dae2bae1617fb81f875f43d08e72372004a9fe793711a4f3e2ea9ba4
- SSDEEP
  
  3072:+nLAF9Hh1ixm20saYC5uyq/pkxePmxGj49wBv5vFa:SLAF9B8q3YKurpRgJWa
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan