smokeloader | 40ac15e5d63ab7ac175f98db45bcac37ddd422e737608d0e7db245f0ffe12da5 | Triage

Sharing

General

Target

0e0cfe7e42cf47bd12e769993d692283.bin
Size

115KB
Sample

241103-bczhmatkfk
MD5

48ff7588829b049d369be8fe2ce55a54
SHA1

08bf5bc9cc5f5575e39caf6f655f7235090832f8
SHA256

40ac15e5d63ab7ac175f98db45bcac37ddd422e737608d0e7db245f0ffe12da5
SHA512

696c629198e33c904ea15039d50e33e55d85bb12bcbeec84e5ff3bdce7853cf09885d736d6d6fa5b8efaf36fd04f39e6b3c1fdbf460bbb91c17860cfb6aed974
SSDEEP

3072:fr6LuHba36RBCRhMF7c23X+J56iAv51kA2P7BSu4GVEu:T+qRBCRaF7r3uGiobkA2TBSNGJ

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  58bded444fa5ac1c5d9bc34b6e155667d088f089d50923fc759162a6e9ad1e4d.exe
- Size
  
  214KB
- MD5
  
  0e0cfe7e42cf47bd12e769993d692283
- SHA1
  
  60e246894470f16d4aede73b2c2e05ee9ec7dbef
- SHA256
  
  58bded444fa5ac1c5d9bc34b6e155667d088f089d50923fc759162a6e9ad1e4d
- SHA512
  
  a0631d8b3fa5dd1b9b71e96d735360059f12db6e479424d3b9974f56b5ff99c75450294d22e861f0a292644f624938681a9f5ea5b363d5a10c8725895fae7200
- SSDEEP
  
  1536:TAOv0+WJzlN3vzO1APP+vOz6K3rn7LOFLdllav/Y8BLKYS50541CZD8HjTqKAX++:TyDvC1u+vOGY2LdnlYS505U7AOiMs
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan