smokeloader | d77190c9003348a5731a70e2bc9889bde4eccd76624664163aae661c0948ed0c | Triage

Sharing

General

Target

d77190c9003348a5731a70e2bc9889bde4eccd76624664163aae661c0948ed0c.exe
Size

196KB
Sample

240926-cz861ssdnl
MD5

2ce30ff4da960e0bb6fa2633f5b9ff2c
SHA1

ed823fa8a6070816ea6d98e53d8d5bfc39f25922
SHA256

d77190c9003348a5731a70e2bc9889bde4eccd76624664163aae661c0948ed0c
SHA512

00a703d7976eff1bdc4b1ecec6cd4a1762d3477d6c811c03d5a81248853529bc1937f8c9c39f83dd7a5b11022e18a99db18189ee3392ff2c4ccc61d4e6244031
SSDEEP

1536:Co3wpoLTL6u4l+JKPbCEoaR8Uja6/Aire/AfAMZ9EgPAInIBv5V2PTl+rzyr:CjaL9uuUfIir5bzdoIIBv5e

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d77190c9003348a5731a70e2bc9889bde4eccd76624664163aae661c0948ed0c.exe
- Size
  
  196KB
- MD5
  
  2ce30ff4da960e0bb6fa2633f5b9ff2c
- SHA1
  
  ed823fa8a6070816ea6d98e53d8d5bfc39f25922
- SHA256
  
  d77190c9003348a5731a70e2bc9889bde4eccd76624664163aae661c0948ed0c
- SHA512
  
  00a703d7976eff1bdc4b1ecec6cd4a1762d3477d6c811c03d5a81248853529bc1937f8c9c39f83dd7a5b11022e18a99db18189ee3392ff2c4ccc61d4e6244031
- SSDEEP
  
  1536:Co3wpoLTL6u4l+JKPbCEoaR8Uja6/Aire/AfAMZ9EgPAInIBv5V2PTl+rzyr:CjaL9uuUfIir5bzdoIIBv5e
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan