smokeloader | fc3d69fd9bd5d63f959c3d639b8f44c3fd6150ce3ac2a73a2517f4179a7d5126 | Triage

Sharing

General

Target

fc3d69fd9bd5d63f959c3d639b8f44c3fd6150ce3ac2a73a2517f4179a7d5126.exe
Size

214KB
Sample

240820-cml6qayelg
MD5

03470d6e03a719ac869936c761ae90a4
SHA1

3c1600843f50d8d3306833f9a9a500c19a917bcf
SHA256

fc3d69fd9bd5d63f959c3d639b8f44c3fd6150ce3ac2a73a2517f4179a7d5126
SHA512

44a72e0548e24efa888d49c457353e7fca60ae649f969bdf9450c53cbdd32abb03a4efee1f02a6416aed7fe5f0de19983308e32c28ff4c200514940ec2fca99f
SSDEEP

3072:xqLubVGYLiXypVnhcn0xOBdWPeTqyH1vHy572H1:MLsVGyuy3nuWOiPeT51

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  fc3d69fd9bd5d63f959c3d639b8f44c3fd6150ce3ac2a73a2517f4179a7d5126.exe
- Size
  
  214KB
- MD5
  
  03470d6e03a719ac869936c761ae90a4
- SHA1
  
  3c1600843f50d8d3306833f9a9a500c19a917bcf
- SHA256
  
  fc3d69fd9bd5d63f959c3d639b8f44c3fd6150ce3ac2a73a2517f4179a7d5126
- SHA512
  
  44a72e0548e24efa888d49c457353e7fca60ae649f969bdf9450c53cbdd32abb03a4efee1f02a6416aed7fe5f0de19983308e32c28ff4c200514940ec2fca99f
- SSDEEP
  
  3072:xqLubVGYLiXypVnhcn0xOBdWPeTqyH1vHy572H1:MLsVGyuy3nuWOiPeT51
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan