smokeloader | 06d2686cd1635c0ae8ba731b309726a445ffc193705901b676482b2f529c4caf | Triage

Sharing

General

Target

06d2686cd1635c0ae8ba731b309726a445ffc193705901b676482b2f529c4caf.exe
Size

200KB
Sample

240821-lllm8s1dqa
MD5

107359e07abb8411a667a4b9f1ff5c87
SHA1

1f8f10b85f00f74b3d2724ee71b9548fd57b730d
SHA256

06d2686cd1635c0ae8ba731b309726a445ffc193705901b676482b2f529c4caf
SHA512

b4b8b459ee92db523e50e1d69dc497d49f68ca40f180face30ddc27c45d00be6c3a1e526494f2660843ecead27d2a08ba78cdf6d68e573ae760015a03e9e119a
SSDEEP

3072:5Lvv3tcYp0YHt02TnZDDSWO08Wb35NASi:5Lvv3tcYntdpsKMSi

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  06d2686cd1635c0ae8ba731b309726a445ffc193705901b676482b2f529c4caf.exe
- Size
  
  200KB
- MD5
  
  107359e07abb8411a667a4b9f1ff5c87
- SHA1
  
  1f8f10b85f00f74b3d2724ee71b9548fd57b730d
- SHA256
  
  06d2686cd1635c0ae8ba731b309726a445ffc193705901b676482b2f529c4caf
- SHA512
  
  b4b8b459ee92db523e50e1d69dc497d49f68ca40f180face30ddc27c45d00be6c3a1e526494f2660843ecead27d2a08ba78cdf6d68e573ae760015a03e9e119a
- SSDEEP
  
  3072:5Lvv3tcYp0YHt02TnZDDSWO08Wb35NASi:5Lvv3tcYntdpsKMSi
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan