smokeloader | 687a83f2a23dbf36788d3776d1165a19bc2464e8f08886092adda83ffbabf630 | Triage

Sharing

General

Target

0a08ba33834594bf47de5b8583d76e30N.exe
Size

274KB
Sample

240825-j874msthqh
MD5

0a08ba33834594bf47de5b8583d76e30
SHA1

40bb296bd172a42674fb276eb2f36377b8306157
SHA256

687a83f2a23dbf36788d3776d1165a19bc2464e8f08886092adda83ffbabf630
SHA512

76776e7fbc8847d85929477ddaec3408f27463fdbe377eaf74e69b26453d0ffe6a6410a643e16fac53a9942fcb383345fc46624ecded7fadedd5b13fe576975e
SSDEEP

3072:duL95jj4eztSPzJindHia5IsuVCgAz3+8Rx8RYeuk6Fk8gCTChVb0dc/sTWCHAVM:EL95jjRRSPsiaG03+m+eGhBkywAV+8

Score

10^/10

smokeloader pub6 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub6

Targets

- Target
  
  0a08ba33834594bf47de5b8583d76e30N.exe
- Size
  
  274KB
- MD5
  
  0a08ba33834594bf47de5b8583d76e30
- SHA1
  
  40bb296bd172a42674fb276eb2f36377b8306157
- SHA256
  
  687a83f2a23dbf36788d3776d1165a19bc2464e8f08886092adda83ffbabf630
- SHA512
  
  76776e7fbc8847d85929477ddaec3408f27463fdbe377eaf74e69b26453d0ffe6a6410a643e16fac53a9942fcb383345fc46624ecded7fadedd5b13fe576975e
- SSDEEP
  
  3072:duL95jj4eztSPzJindHia5IsuVCgAz3+8Rx8RYeuk6Fk8gCTChVb0dc/sTWCHAVM:EL95jjRRSPsiaG03+m+eGhBkywAV+8
Score

10^/10

smokeloader pub6 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub6backdoordiscoverytrojan

behavioral2

smokeloaderpub6backdoordiscoverytrojan