smokeloader | dc06fd3eb04a603543131d5e55cf24eecd08ff6eded42a9cc12370dd7ef27c69 | Triage

Sharing

General

Target

dc06fd3eb04a603543131d5e55cf24eecd08ff6eded42a9cc12370dd7ef27c69.exe
Size

282KB
Sample

240920-b7vsxstbkj
MD5

56e3db9291d886a337ba3d4a12828bca
SHA1

a1ad3b87d4d58ee9a77d51cc23b3ea775c7c0a93
SHA256

dc06fd3eb04a603543131d5e55cf24eecd08ff6eded42a9cc12370dd7ef27c69
SHA512

1f2e29283a0ea3b921e0794e989d56eae0f01709b350b16a717840dd1d362354cfaa611729fa148b102f6cbca89ef6bfc3ece9334140044ee0eda912e9ca4c41
SSDEEP

6144:JF6xjwQaVe02c6drGhPby5TVnm+pzpj3Iin:2lwQaIJVIy5hnppzOi

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  dc06fd3eb04a603543131d5e55cf24eecd08ff6eded42a9cc12370dd7ef27c69.exe
- Size
  
  282KB
- MD5
  
  56e3db9291d886a337ba3d4a12828bca
- SHA1
  
  a1ad3b87d4d58ee9a77d51cc23b3ea775c7c0a93
- SHA256
  
  dc06fd3eb04a603543131d5e55cf24eecd08ff6eded42a9cc12370dd7ef27c69
- SHA512
  
  1f2e29283a0ea3b921e0794e989d56eae0f01709b350b16a717840dd1d362354cfaa611729fa148b102f6cbca89ef6bfc3ece9334140044ee0eda912e9ca4c41
- SSDEEP
  
  6144:JF6xjwQaVe02c6drGhPby5TVnm+pzpj3Iin:2lwQaIJVIy5hnppzOi
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan