smokeloader | cd5ba832d7475d991af345a53312fbdf5ffbcf23c8e5637944c792590bbcbc06 | Triage

Sharing

General

Target

cd5ba832d7475d991af345a53312fbdf5ffbcf23c8e5637944c792590bbcbc06N
Size

226KB
Sample

240919-bxx6astfrr
MD5

ba4574498278bb2b0303defecba02fc0
SHA1

f78953e887aa541b1d3941a6291206340ca06fc9
SHA256

cd5ba832d7475d991af345a53312fbdf5ffbcf23c8e5637944c792590bbcbc06
SHA512

d7017fa7da4082f4746a3313cdb2582788ad42cdb7cc67b67aa2a2c87ced9e5e87fcd813488f73c5ac1179a53fde70ec7488b8259081c71fb21df75a8216256d
SSDEEP

3072:9+dSZUBEcxOGPiGhsBJMqDu55dpvVmkqOa3G:QaUB3Ji/33

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  cd5ba832d7475d991af345a53312fbdf5ffbcf23c8e5637944c792590bbcbc06N
- Size
  
  226KB
- MD5
  
  ba4574498278bb2b0303defecba02fc0
- SHA1
  
  f78953e887aa541b1d3941a6291206340ca06fc9
- SHA256
  
  cd5ba832d7475d991af345a53312fbdf5ffbcf23c8e5637944c792590bbcbc06
- SHA512
  
  d7017fa7da4082f4746a3313cdb2582788ad42cdb7cc67b67aa2a2c87ced9e5e87fcd813488f73c5ac1179a53fde70ec7488b8259081c71fb21df75a8216256d
- SSDEEP
  
  3072:9+dSZUBEcxOGPiGhsBJMqDu55dpvVmkqOa3G:QaUB3Ji/33
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan