smokeloader | a7420a3624b4634840b1b6092749027fce4bf3cd55b3ccae8c432774a02a8fe1 | Triage

Sharing

General

Target

2084-3-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240926-j8x9fawhkk
MD5

cca67396b697b57d5f375af658801e2d
SHA1

2e78a8666a7b244176b0ea25ab48859089fbe196
SHA256

a7420a3624b4634840b1b6092749027fce4bf3cd55b3ccae8c432774a02a8fe1
SHA512

955fbebfd52baa4ab7142f362931c251b56b6b5bb915f4d7240dd9e0304b531fbb10c94be34c7d60e014c2ab3894ba8e202ba85e4ac66eb4e739470981f31180
SSDEEP

768:RR8yqBqJTIH50g0SW9uM7/953mpdH5Yvos0tdB80Z1srmN:r8PePTftV53uV5Ygs0TBymN

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  2084-3-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  cca67396b697b57d5f375af658801e2d
- SHA1
  
  2e78a8666a7b244176b0ea25ab48859089fbe196
- SHA256
  
  a7420a3624b4634840b1b6092749027fce4bf3cd55b3ccae8c432774a02a8fe1
- SHA512
  
  955fbebfd52baa4ab7142f362931c251b56b6b5bb915f4d7240dd9e0304b531fbb10c94be34c7d60e014c2ab3894ba8e202ba85e4ac66eb4e739470981f31180
- SSDEEP
  
  768:RR8yqBqJTIH50g0SW9uM7/953mpdH5Yvos0tdB80Z1srmN:r8PePTftV53uV5Ygs0TBymN
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pub3smokeloader

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan