smokeloader | d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379 | Triage

Sharing

General

Target

d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379
Size

387KB
Sample

240829-d5ysxatdqp
MD5

6987d01341d312fa95852bd5b016540e
SHA1

b042876d224d616d1c094003e4cf527bff747c8d
SHA256

d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379
SHA512

28a79ea22e865406ad3cc0b59572a76215e3aa22e1d7f6eea547e6d7da8d6d5e80a1f157973ae58407d5166e9aae56e2c3fbf72abfd523d2dc57dbc5f74b6877
SSDEEP

6144:y40QpRh2NncFAzDWjXel44mw9OU3iY+i:yJi2NcyPWjXei4mZni

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379
- Size
  
  387KB
- MD5
  
  6987d01341d312fa95852bd5b016540e
- SHA1
  
  b042876d224d616d1c094003e4cf527bff747c8d
- SHA256
  
  d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379
- SHA512
  
  28a79ea22e865406ad3cc0b59572a76215e3aa22e1d7f6eea547e6d7da8d6d5e80a1f157973ae58407d5166e9aae56e2c3fbf72abfd523d2dc57dbc5f74b6877
- SSDEEP
  
  6144:y40QpRh2NncFAzDWjXel44mw9OU3iY+i:yJi2NcyPWjXei4mZni
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan