smokeloader | bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac | Triage

Sharing

General

Target

bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac.exe
Size

207KB
Sample

240823-c436katdjj
MD5

4777e7f05fd00c4d760eb3f2c9aed68b
SHA1

1cc060d5b056c66f41f81f75c6c3a7ac33c5a8ca
SHA256

bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac
SHA512

07279383e308db0c66480d29076b247d6925a17c7b3188176277eaac52e2a362b88297a028f71d6ac985efc1b6963aae6665ae03c7539f30a632f48d396c99cb
SSDEEP

3072:IrWdgWAjvWA/mQrhj5PV+5HV0tr7L/G5gdSe4+NtM:IrHtvWAh7+KSe4

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac.exe
- Size
  
  207KB
- MD5
  
  4777e7f05fd00c4d760eb3f2c9aed68b
- SHA1
  
  1cc060d5b056c66f41f81f75c6c3a7ac33c5a8ca
- SHA256
  
  bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac
- SHA512
  
  07279383e308db0c66480d29076b247d6925a17c7b3188176277eaac52e2a362b88297a028f71d6ac985efc1b6963aae6665ae03c7539f30a632f48d396c99cb
- SSDEEP
  
  3072:IrWdgWAjvWA/mQrhj5PV+5HV0tr7L/G5gdSe4+NtM:IrHtvWAh7+KSe4
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan