smokeloader | 0e22df51fc7e70931682f78d831ba5f187e7b180316be318eed2f9dae083bb10 | Triage

Sharing

General

Target

0e22df51fc7e70931682f78d831ba5f187e7b180316be318eed2f9dae083bb10.exe
Size

232KB
Sample

241025-bg8bbszgle
MD5

f45a742212418d4e6134e92289008093
SHA1

22cee4c742a94109452d6189d3d9016090bb5f99
SHA256

0e22df51fc7e70931682f78d831ba5f187e7b180316be318eed2f9dae083bb10
SHA512

865472021601f03176f90bbfad4b0c35e1fdd3de4c0f1b0ab5c00a7f643a3987cb7eaff204c7a17e95c7f1879d97ba463bd4149cb264c81387fa906d8feaf64b
SSDEEP

3072:FlYl4HCHXyrW7J+DP0+NZb55aIUznpE53yi92sm8Q8wcb:FlCsKy09bpa3yi92J8bwc

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  0e22df51fc7e70931682f78d831ba5f187e7b180316be318eed2f9dae083bb10.exe
- Size
  
  232KB
- MD5
  
  f45a742212418d4e6134e92289008093
- SHA1
  
  22cee4c742a94109452d6189d3d9016090bb5f99
- SHA256
  
  0e22df51fc7e70931682f78d831ba5f187e7b180316be318eed2f9dae083bb10
- SHA512
  
  865472021601f03176f90bbfad4b0c35e1fdd3de4c0f1b0ab5c00a7f643a3987cb7eaff204c7a17e95c7f1879d97ba463bd4149cb264c81387fa906d8feaf64b
- SSDEEP
  
  3072:FlYl4HCHXyrW7J+DP0+NZb55aIUznpE53yi92sm8Q8wcb:FlCsKy09bpa3yi92J8bwc
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan