smokeloader | 577533558f161a77c1faa8a24ae76929b6fe726b8e5a47caaa1cbf1ef6f50afe | Triage

Sharing

General

Target

c61f76c54ce0f89894ef870a48c5497c.bin
Size

126KB
Sample

241014-l1kpgsxhrm
MD5

77797b2704575b01f3cdd3ccc1bd3f4b
SHA1

a83f1036fedcdb5b487f57c79f198e381f5fa582
SHA256

577533558f161a77c1faa8a24ae76929b6fe726b8e5a47caaa1cbf1ef6f50afe
SHA512

4fef45d20d2ad2ee1d52dbece253a10ec50a41d6a7554edf20db26f0382f37c10a45486849342cc976cd4929368e8b487bff1dd636e8b50dd9531609555b6a74
SSDEEP

3072:ViUx445TXxe9cstmW3Nf8wKiJqCJNzqD95sKQOf88kT:3n5DxscG8wKequNG/u

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  dc6c2f9d57aee159b5c6453b56c93fa6976f83a3685b388aff968e5dfe498841.exe
- Size
  
  238KB
- MD5
  
  c61f76c54ce0f89894ef870a48c5497c
- SHA1
  
  2a7dd87f781df6fdaa1b17695d93ee9accf36d1c
- SHA256
  
  dc6c2f9d57aee159b5c6453b56c93fa6976f83a3685b388aff968e5dfe498841
- SHA512
  
  9f2290c6f27ae165e4bf78515149c76a6bd6550299f6ca765c70f89f08365bcff313ce8fb5e4e634b45e80fe6db8fcb9c121518623a26a535c0728f52b937021
- SSDEEP
  
  3072:2mIRlVcRxMiSBufsq53/Q+CoNnHgCFBxqXYUGrG:27yzQus+FJHhqI
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan