smokeloader | 8059499745374fa5c911dd84c973c68463f21467f0e3446c4d1ed427d86ef3d6 | Triage

Sharing

General

Target

816-4-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240820-nyr2wstfqm
MD5

13a753ecc50277131226e3dc8e996eb3
SHA1

7e8b2e9081765502480c6b3229bb8ab8907950b8
SHA256

8059499745374fa5c911dd84c973c68463f21467f0e3446c4d1ed427d86ef3d6
SHA512

842136da29446bb4c90b83dd899c77300d7ab370d32d6602a52fea3acd7e7a980d2acd5a06ad67afe527fa0dc97493e393c91d161928c1867bd0f70bc30f1a4a
SSDEEP

768:CNRArRrQnz5y+bgsDF5I0haNLj1PokgJ4T:CNRAdEnzVF20MBj1PgJ4T

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  816-4-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  13a753ecc50277131226e3dc8e996eb3
- SHA1
  
  7e8b2e9081765502480c6b3229bb8ab8907950b8
- SHA256
  
  8059499745374fa5c911dd84c973c68463f21467f0e3446c4d1ed427d86ef3d6
- SHA512
  
  842136da29446bb4c90b83dd899c77300d7ab370d32d6602a52fea3acd7e7a980d2acd5a06ad67afe527fa0dc97493e393c91d161928c1867bd0f70bc30f1a4a
- SSDEEP
  
  768:CNRArRrQnz5y+bgsDF5I0haNLj1PokgJ4T:CNRAdEnzVF20MBj1PgJ4T
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pub1smokeloader

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan