smokeloader | 8a54366273c1762b0ba21b0884e83a5ea75fcc797b9df15eba53dbfb9b85d9b2 | Triage

Sharing

General

Target

8a54366273c1762b0ba21b0884e83a5ea75fcc797b9df15eba53dbfb9b85d9b2
Size

390KB
Sample

241024-pd7ghsvhle
MD5

8f5605b7b5d5c6299ae9128deee0c519
SHA1

78885bc3de1804e0e21c4b9e1e1435a0f6c8c5b3
SHA256

8a54366273c1762b0ba21b0884e83a5ea75fcc797b9df15eba53dbfb9b85d9b2
SHA512

3985eac7109cf2d34b73c37d8674eb07422372684fd1f6aaf7ca0f5f0420669444db97742367e8c654b5e13671b17a5417096008218f13533b2433a60b3e4ea9
SSDEEP

6144:/NLf/gXflvuxIgq5bRhTWMod9eiHBCFQBZJh2YPH/kWTI:FAfxub+VhSbd4EBkQDZvj

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  8a54366273c1762b0ba21b0884e83a5ea75fcc797b9df15eba53dbfb9b85d9b2
- Size
  
  390KB
- MD5
  
  8f5605b7b5d5c6299ae9128deee0c519
- SHA1
  
  78885bc3de1804e0e21c4b9e1e1435a0f6c8c5b3
- SHA256
  
  8a54366273c1762b0ba21b0884e83a5ea75fcc797b9df15eba53dbfb9b85d9b2
- SHA512
  
  3985eac7109cf2d34b73c37d8674eb07422372684fd1f6aaf7ca0f5f0420669444db97742367e8c654b5e13671b17a5417096008218f13533b2433a60b3e4ea9
- SSDEEP
  
  6144:/NLf/gXflvuxIgq5bRhTWMod9eiHBCFQBZJh2YPH/kWTI:FAfxub+VhSbd4EBkQDZvj
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan