smokeloader | 802577ef627ab553a5e281797896a912eb2dc629ccc6b318eada7ef8fbfb24ba | Triage

Sharing

General

Target

9792a07f9c7a4db8e9801ee6d4d3e575.exe
Size

200KB
Sample

240820-nvk46szbqe
MD5

9792a07f9c7a4db8e9801ee6d4d3e575
SHA1

4c5426bc47eec2182cee768784611f09e9170d0b
SHA256

802577ef627ab553a5e281797896a912eb2dc629ccc6b318eada7ef8fbfb24ba
SHA512

3c9c7cfb7ad7021e6923c4aa81b861e9f65a56bafcc54aee31ba0e174d88c59f1539d913498123d9fd365abc122d039f35e39dbc01c0e04b814e03f4750ac32b
SSDEEP

1536:wmWXBL9533UbcYeP+VwdRFxlY+ZuqcUlitNimH/QCUKc9Nu7T3IwJasPy/5leyta:UxLPvYJwO+ZuUdmfQv87T3RasPG5l7W

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  9792a07f9c7a4db8e9801ee6d4d3e575.exe
- Size
  
  200KB
- MD5
  
  9792a07f9c7a4db8e9801ee6d4d3e575
- SHA1
  
  4c5426bc47eec2182cee768784611f09e9170d0b
- SHA256
  
  802577ef627ab553a5e281797896a912eb2dc629ccc6b318eada7ef8fbfb24ba
- SHA512
  
  3c9c7cfb7ad7021e6923c4aa81b861e9f65a56bafcc54aee31ba0e174d88c59f1539d913498123d9fd365abc122d039f35e39dbc01c0e04b814e03f4750ac32b
- SSDEEP
  
  1536:wmWXBL9533UbcYeP+VwdRFxlY+ZuqcUlitNimH/QCUKc9Nu7T3IwJasPy/5leyta:UxLPvYJwO+ZuUdmfQv87T3RasPG5l7W
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan