smokeloader | 4a6b7aa864fcd7d4cd5e7ed84e3f032ec514585fd47a65c57ab56d61bbf7fcee | Triage

Sharing

General

Target

09eb9ca998f6905f205a88429dba2e80.zip
Size

153KB
Sample

240903-mmxbssvhnh
MD5

acd322d01e5aafe311cee5547fa19839
SHA1

dfaa7435769c8e7690707730688a1b9c4d1f9bc3
SHA256

4a6b7aa864fcd7d4cd5e7ed84e3f032ec514585fd47a65c57ab56d61bbf7fcee
SHA512

1301b96d80d4c1516aaf54f51f3602d92933ba2b1774c39c86dd13c42d49f95f989ccf65ded451cbf3c02d3c7e0858c264ca7f293ed9a497f17222d3a60ae542
SSDEEP

3072:OgaVl9t76uaEDMI/8Q/hnPj6R3Kru+6vt++1oQTQHsdtTmEjVIbW7z0Jy60gH:W/7cEQI9/Vjcaf6l++6RiVIbd6gH

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  01f6cb222552c7de5a822017d9979103aea06847d186234c8aa4e085fcc16d48
- Size
  
  233KB
- MD5
  
  09eb9ca998f6905f205a88429dba2e80
- SHA1
  
  23c62b405621e180a9e50b7b25057ff4b5a4b239
- SHA256
  
  01f6cb222552c7de5a822017d9979103aea06847d186234c8aa4e085fcc16d48
- SHA512
  
  2c3a6119adabab897d779f5fafaf0264910c557ece98af49cad8006998b4dd61e013700b94ec3b93ae8e3a97f03623aae152bab0511f3aefd626e3baac11da8e
- SSDEEP
  
  3072:DGxKfv13piO9tzL797sgIqz6iHzraaPe+CNf4/AWaSkSJu98vd:lv13piOfLtsw6iHzrFUIADG8el
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2