smokeloader | 65be31113bfca0514c4d405f0461aa07b08f0e73279aa76e8570772f1040a020 | Triage

Sharing

General

Target

9818e2183e71ede605df115083fbb7d0N.exe
Size

214KB
Sample

240903-c3ndqavcqj
MD5

9818e2183e71ede605df115083fbb7d0
SHA1

05fb7584491da5f03c3d425cdf46228ff1eeac6e
SHA256

65be31113bfca0514c4d405f0461aa07b08f0e73279aa76e8570772f1040a020
SHA512

58121a309d772bfa6cbdc2828d2005690a85cf7d40281c3e8557dbea534630515d497782e2ec2bc97bc27403d3f0786fce1c74abda08588cf6ad8306d53123c1
SSDEEP

3072:SHy7SD604z5NJuKDjkehrTvkLi5jekDHe:ADxAX9lhfZJ

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  9818e2183e71ede605df115083fbb7d0N.exe
- Size
  
  214KB
- MD5
  
  9818e2183e71ede605df115083fbb7d0
- SHA1
  
  05fb7584491da5f03c3d425cdf46228ff1eeac6e
- SHA256
  
  65be31113bfca0514c4d405f0461aa07b08f0e73279aa76e8570772f1040a020
- SHA512
  
  58121a309d772bfa6cbdc2828d2005690a85cf7d40281c3e8557dbea534630515d497782e2ec2bc97bc27403d3f0786fce1c74abda08588cf6ad8306d53123c1
- SSDEEP
  
  3072:SHy7SD604z5NJuKDjkehrTvkLi5jekDHe:ADxAX9lhfZJ
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan