smokeloader | c96a689a1ed21e356424f590edc76697fcea743973c1e5714289d0bd44111780 | Triage

Sharing

General

Target

c96a689a1ed21e356424f590edc76697fcea743973c1e5714289d0bd44111780N
Size

216KB
Sample

241026-hyxdqasflq
MD5

337a3b4bb2163d70995e540171c56ac0
SHA1

dbb156221c737e55f0fe2fa7d004a876f9ac087f
SHA256

c96a689a1ed21e356424f590edc76697fcea743973c1e5714289d0bd44111780
SHA512

675155129ebfa3b1bb6172da3ac6a1470c09d4fa0288b7452ce99384a4193eea37f40e8df51a660295b1c00e661a128591b2486d5a0898926e5c717ac2740be0
SSDEEP

3072:0aLeM+ltQYVWxCJI+N0ZJ2FMZ5jidCSYBy2tP+W5tK6/5:kM+lRVW4viZ0FjYB5P46

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  c96a689a1ed21e356424f590edc76697fcea743973c1e5714289d0bd44111780N
- Size
  
  216KB
- MD5
  
  337a3b4bb2163d70995e540171c56ac0
- SHA1
  
  dbb156221c737e55f0fe2fa7d004a876f9ac087f
- SHA256
  
  c96a689a1ed21e356424f590edc76697fcea743973c1e5714289d0bd44111780
- SHA512
  
  675155129ebfa3b1bb6172da3ac6a1470c09d4fa0288b7452ce99384a4193eea37f40e8df51a660295b1c00e661a128591b2486d5a0898926e5c717ac2740be0
- SSDEEP
  
  3072:0aLeM+ltQYVWxCJI+N0ZJ2FMZ5jidCSYBy2tP+W5tK6/5:kM+lRVW4viZ0FjYB5P46
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan