smokeloader | 6570048d267a29600e87d43959e6689b2f6990b87d850da794f00ff5d7ad714c | Triage

Sharing

General

Target

6570048d267a29600e87d43959e6689b2f6990b87d850da794f00ff5d7ad714c.exe
Size

199KB
Sample

240821-b5a1qstgkc
MD5

b03e41ed215b966c09d2e5f3d5c765b2
SHA1

51186d854cff6744a0c4db0a892e87df0da95043
SHA256

6570048d267a29600e87d43959e6689b2f6990b87d850da794f00ff5d7ad714c
SHA512

61037d9145817be763912ce39a44a958139f594d2e1410d114efcd6db68bb80b5133140ced1e40636fcd43cae5c7030cc28055070aaf5b33f1e1a737f9cd8716
SSDEEP

3072:aCLTSFLvG/M4b0Twf2HiNMU7fHTpbFkDI5uN:HLTSFb7kd2C5rNpy

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  6570048d267a29600e87d43959e6689b2f6990b87d850da794f00ff5d7ad714c.exe
- Size
  
  199KB
- MD5
  
  b03e41ed215b966c09d2e5f3d5c765b2
- SHA1
  
  51186d854cff6744a0c4db0a892e87df0da95043
- SHA256
  
  6570048d267a29600e87d43959e6689b2f6990b87d850da794f00ff5d7ad714c
- SHA512
  
  61037d9145817be763912ce39a44a958139f594d2e1410d114efcd6db68bb80b5133140ced1e40636fcd43cae5c7030cc28055070aaf5b33f1e1a737f9cd8716
- SSDEEP
  
  3072:aCLTSFLvG/M4b0Twf2HiNMU7fHTpbFkDI5uN:HLTSFb7kd2C5rNpy
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan