smokeloader | 7c00c24154ac3dad5ffac3ae924afe73d29b3932bffc9f8cbe0ec38aeeec41b2 | Triage

Sharing

General

Target

8b97124493d256a3e2cffc7d710ac4da.exe
Size

396KB
Sample

241025-hcw6tsxamj
MD5

8b97124493d256a3e2cffc7d710ac4da
SHA1

42f15a8a2145e898e8e3c14308a4bee73cc339dc
SHA256

7c00c24154ac3dad5ffac3ae924afe73d29b3932bffc9f8cbe0ec38aeeec41b2
SHA512

aeeb4ea982dd5a549e48405d1fca5109231734e223909481b73101b763e52d98020beef23f703f3f16f79e13d92893b106a2c3956c77ef7dd64e6b2b8ee62fb4
SSDEEP

6144:FcNL3/LgfwPWLPniZw5LysfG8f0gGs1hwmUO6bMy5WGwchoH/k7YR0TWY:+YfsWTiZ4LywG8fJsm64chqWV

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  8b97124493d256a3e2cffc7d710ac4da.exe
- Size
  
  396KB
- MD5
  
  8b97124493d256a3e2cffc7d710ac4da
- SHA1
  
  42f15a8a2145e898e8e3c14308a4bee73cc339dc
- SHA256
  
  7c00c24154ac3dad5ffac3ae924afe73d29b3932bffc9f8cbe0ec38aeeec41b2
- SHA512
  
  aeeb4ea982dd5a549e48405d1fca5109231734e223909481b73101b763e52d98020beef23f703f3f16f79e13d92893b106a2c3956c77ef7dd64e6b2b8ee62fb4
- SSDEEP
  
  6144:FcNL3/LgfwPWLPniZw5LysfG8f0gGs1hwmUO6bMy5WGwchoH/k7YR0TWY:+YfsWTiZ4LywG8fJsm64chqWV
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan