smokeloader | 009c09f3118ec6a3a59a4ec3f07128e13a4e996791c8607f5e01e6652fa955b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

009c09f3118ec6a3a59a4ec3f07128e13a4e996791c8607f5e01e6652fa955b1.exe
Size

432KB
Sample

241020-bfannszdkf
MD5

8b8fc0b45d44ed10baab660a15116053
SHA1

20b7b21f629a540bfb08787e99c61caf1f7125ea
SHA256

009c09f3118ec6a3a59a4ec3f07128e13a4e996791c8607f5e01e6652fa955b1
SHA512

2ae40b34bc81c44fff9865ddc109178675d4083605198f87daec2ba90290e36d1152ba6805d53dfc0655d07c885d3783bfe420100b12f2aca27490f75fb5f849
SSDEEP

6144:8d3LmbSN1N0jloYl6xbuJou8yPvmGL2ccdYk/uyM5vDzD/7sFj:y3rN16jmG6x6ucCrmBP

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  009c09f3118ec6a3a59a4ec3f07128e13a4e996791c8607f5e01e6652fa955b1.exe
- Size
  
  432KB
- MD5
  
  8b8fc0b45d44ed10baab660a15116053
- SHA1
  
  20b7b21f629a540bfb08787e99c61caf1f7125ea
- SHA256
  
  009c09f3118ec6a3a59a4ec3f07128e13a4e996791c8607f5e01e6652fa955b1
- SHA512
  
  2ae40b34bc81c44fff9865ddc109178675d4083605198f87daec2ba90290e36d1152ba6805d53dfc0655d07c885d3783bfe420100b12f2aca27490f75fb5f849
- SSDEEP
  
  6144:8d3LmbSN1N0jloYl6xbuJou8yPvmGL2ccdYk/uyM5vDzD/7sFj:y3rN16jmG6x6ucCrmBP
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan