smokeloader | e798106229f6985b40bd436abaf516360b7d19501f0f8c1ce89a3197ebb421a4 | Triage

Sharing

General

Target

43da422957b397e2805362661ab3fd4a.exe
Size

375KB
Sample

241003-mnm5hsxakq
MD5

43da422957b397e2805362661ab3fd4a
SHA1

d9fcee0d2a68c509bd8fc8c30ee263de5c80b883
SHA256

e798106229f6985b40bd436abaf516360b7d19501f0f8c1ce89a3197ebb421a4
SHA512

164afbbb93a02fb334c57fea332255ca8f578ceece8c5ad22fa552cdc31cf45733abce2ebc0e8db224bf3d3d0b21a344358cc0379adf1d8afe4d2db8e0c7574f
SSDEEP

6144:6rkVntaABNOcmGaDOVufNOsGps4qCMasrHBtlFDhTD:+ya0NMfslplxUrHtFDF

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  43da422957b397e2805362661ab3fd4a.exe
- Size
  
  375KB
- MD5
  
  43da422957b397e2805362661ab3fd4a
- SHA1
  
  d9fcee0d2a68c509bd8fc8c30ee263de5c80b883
- SHA256
  
  e798106229f6985b40bd436abaf516360b7d19501f0f8c1ce89a3197ebb421a4
- SHA512
  
  164afbbb93a02fb334c57fea332255ca8f578ceece8c5ad22fa552cdc31cf45733abce2ebc0e8db224bf3d3d0b21a344358cc0379adf1d8afe4d2db8e0c7574f
- SSDEEP
  
  6144:6rkVntaABNOcmGaDOVufNOsGps4qCMasrHBtlFDhTD:+ya0NMfslplxUrHtFDF
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan