smokeloader | d9ada9e0625b3d794146200935969bbb5f8a6ad3a998b1408617574bcc9e524f | Triage

Sharing

General

Target

d9ada9e0625b3d794146200935969bbb5f8a6ad3a998b1408617574bcc9e524f.exe
Size

232KB
Sample

240917-bz8ptazbjq
MD5

6b0969eed91d044d6c30af82c4fe58f0
SHA1

834e56fdbada1ccddd506fc12eb883155b671281
SHA256

d9ada9e0625b3d794146200935969bbb5f8a6ad3a998b1408617574bcc9e524f
SHA512

3d5a88cc0b4716a4b126b9c1bc25e41012eade1dccfb0204c7a4a7795a85764aa7e648b27316f35e7bcd52622c199ab6640c3b19cc37f6014ef5293f6b3dd380
SSDEEP

3072:M9PFYSLtMp5olcxWrNJCVSWgOuc5NJu+r7Avo5+IjMKIjGhasGcdhG:mLEelcGOyc5NJSRjGYsGI

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  d9ada9e0625b3d794146200935969bbb5f8a6ad3a998b1408617574bcc9e524f.exe
- Size
  
  232KB
- MD5
  
  6b0969eed91d044d6c30af82c4fe58f0
- SHA1
  
  834e56fdbada1ccddd506fc12eb883155b671281
- SHA256
  
  d9ada9e0625b3d794146200935969bbb5f8a6ad3a998b1408617574bcc9e524f
- SHA512
  
  3d5a88cc0b4716a4b126b9c1bc25e41012eade1dccfb0204c7a4a7795a85764aa7e648b27316f35e7bcd52622c199ab6640c3b19cc37f6014ef5293f6b3dd380
- SSDEEP
  
  3072:M9PFYSLtMp5olcxWrNJCVSWgOuc5NJu+r7Avo5+IjMKIjGhasGcdhG:mLEelcGOyc5NJSRjGYsGI
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan