smokeloader | 97ed0a1b37561eca26feb98cc748d6bc469e29d067b3ad850fd9ff5c3eb6f6ad | Triage

Sharing

General

Target

97ed0a1b37561eca26feb98cc748d6bc469e29d067b3ad850fd9ff5c3eb6f6ad.exe
Size

258KB
Sample

240821-cer21avcma
MD5

2a8c0f08d202ab96b07e041326289a25
SHA1

b6736fe6aa5b53668726a491dd75596d1d6e9484
SHA256

97ed0a1b37561eca26feb98cc748d6bc469e29d067b3ad850fd9ff5c3eb6f6ad
SHA512

875c98d058c2125bdf7c7a11deb943c3c219425bbea82bd9bda076ed394aef844ed2bdc22768e71c73d1169d152d1f8f2a33d935c1b9a807dcb2448ce607bebe
SSDEEP

3072:+3BahbvsDbW1OEHh1TCjpcHKZYz5sTfCT7LXoxojr:2bDEHPSpcHoJKr4Oj

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  97ed0a1b37561eca26feb98cc748d6bc469e29d067b3ad850fd9ff5c3eb6f6ad.exe
- Size
  
  258KB
- MD5
  
  2a8c0f08d202ab96b07e041326289a25
- SHA1
  
  b6736fe6aa5b53668726a491dd75596d1d6e9484
- SHA256
  
  97ed0a1b37561eca26feb98cc748d6bc469e29d067b3ad850fd9ff5c3eb6f6ad
- SHA512
  
  875c98d058c2125bdf7c7a11deb943c3c219425bbea82bd9bda076ed394aef844ed2bdc22768e71c73d1169d152d1f8f2a33d935c1b9a807dcb2448ce607bebe
- SSDEEP
  
  3072:+3BahbvsDbW1OEHh1TCjpcHKZYz5sTfCT7LXoxojr:2bDEHPSpcHoJKr4Oj
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan