smokeloader | 4705ca8dcd35a900b2450e2a782b5e3846c4be1b12985819135cffd3636b94cd | Triage

Sharing

General

Target

51627e1adb53ee9c80a5a63e976ffd80N.exe
Size

258KB
Sample

240820-k77bdstenh
MD5

51627e1adb53ee9c80a5a63e976ffd80
SHA1

05db4e5c74cbee0f68d69d9d1d63c08ca2004c85
SHA256

4705ca8dcd35a900b2450e2a782b5e3846c4be1b12985819135cffd3636b94cd
SHA512

42649fb97974b7deeccf342ff0e568ece63d769871ec4e0f61606e161287481bd39964e44ce95244bb1b51e2164fbdbbb78fad44e558e3efd1e32f7a37653846
SSDEEP

3072:o3BWhbvsV6gLP77XCx9VI3IG7d25NTfCT7LBl9r:m6gb7IyIQAKrl

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  51627e1adb53ee9c80a5a63e976ffd80N.exe
- Size
  
  258KB
- MD5
  
  51627e1adb53ee9c80a5a63e976ffd80
- SHA1
  
  05db4e5c74cbee0f68d69d9d1d63c08ca2004c85
- SHA256
  
  4705ca8dcd35a900b2450e2a782b5e3846c4be1b12985819135cffd3636b94cd
- SHA512
  
  42649fb97974b7deeccf342ff0e568ece63d769871ec4e0f61606e161287481bd39964e44ce95244bb1b51e2164fbdbbb78fad44e558e3efd1e32f7a37653846
- SSDEEP
  
  3072:o3BWhbvsV6gLP77XCx9VI3IG7d25NTfCT7LBl9r:m6gb7IyIQAKrl
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan