smokeloader | 03d00112c73404cd29f4eb191574376b580a1c1cf38560d07e988ccea2006e3e | Triage

Sharing

General

Target

03d00112c73404cd29f4eb191574376b580a1c1cf38560d07e988ccea2006e3e.exe
Size

396KB
Sample

240924-bdfrxavgph
MD5

34e07317817ca03f5eb4566851fe0cf3
SHA1

53aa6a1e3ca6e956c33f2b217649977aa1bb7ac3
SHA256

03d00112c73404cd29f4eb191574376b580a1c1cf38560d07e988ccea2006e3e
SHA512

e1ffd55fc67a20a0cd6cdff4f8e555c88d9c9f4484de063a963ffa728bb30d850ac806d5bdca24e9c9b536e9e3a7bc7f46e0e364bd9442f6dd8fccbf61bf1508
SSDEEP

6144:nZyOrEyRLH0Gdi7xFUaxU/zhCISmlIVkBAUFNFfZnln5eOOl8:n4OrLRLH87xFUacMISmIknBnlQd8

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  03d00112c73404cd29f4eb191574376b580a1c1cf38560d07e988ccea2006e3e.exe
- Size
  
  396KB
- MD5
  
  34e07317817ca03f5eb4566851fe0cf3
- SHA1
  
  53aa6a1e3ca6e956c33f2b217649977aa1bb7ac3
- SHA256
  
  03d00112c73404cd29f4eb191574376b580a1c1cf38560d07e988ccea2006e3e
- SHA512
  
  e1ffd55fc67a20a0cd6cdff4f8e555c88d9c9f4484de063a963ffa728bb30d850ac806d5bdca24e9c9b536e9e3a7bc7f46e0e364bd9442f6dd8fccbf61bf1508
- SSDEEP
  
  6144:nZyOrEyRLH0Gdi7xFUaxU/zhCISmlIVkBAUFNFfZnln5eOOl8:n4OrLRLH87xFUacMISmIknBnlQd8
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan