smokeloader | 28399ac361d0f52d9585c25546199bb48d02df8c56a732d99c5e9347752b215e | Triage

Sharing

General

Target

28399ac361d0f52d9585c25546199bb48d02df8c56a732d99c5e9347752b215e
Size

358KB
Sample

240827-z8vrbatgkk
MD5

b711f828e375f67a65a26ff6134110f2
SHA1

261f19bfb4860659f21d9845a47bfa3512a8177b
SHA256

28399ac361d0f52d9585c25546199bb48d02df8c56a732d99c5e9347752b215e
SHA512

56a538deaaa9265f965cb2b31c4467a7308248b453a5b16d5b76ba5491e0dc4f6396c36f3bc1bc4b2eee5dfd9f22d47457a3f6c6119a8075a3dac821ef3849a1
SSDEEP

6144:038eVUUEUHvpsMugYcjHd3MusjMmeSPHBeUQJYMpaF:C8eVUzUHviMuGHd3M/Fnf0YnF

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  28399ac361d0f52d9585c25546199bb48d02df8c56a732d99c5e9347752b215e
- Size
  
  358KB
- MD5
  
  b711f828e375f67a65a26ff6134110f2
- SHA1
  
  261f19bfb4860659f21d9845a47bfa3512a8177b
- SHA256
  
  28399ac361d0f52d9585c25546199bb48d02df8c56a732d99c5e9347752b215e
- SHA512
  
  56a538deaaa9265f965cb2b31c4467a7308248b453a5b16d5b76ba5491e0dc4f6396c36f3bc1bc4b2eee5dfd9f22d47457a3f6c6119a8075a3dac821ef3849a1
- SSDEEP
  
  6144:038eVUUEUHvpsMugYcjHd3MusjMmeSPHBeUQJYMpaF:C8eVUzUHviMuGHd3M/Fnf0YnF
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan