smokeloader | be7a70120428032bf1483031a744a134f163f734e7a4d48691ed45fe3fec22ac | Triage

Sharing

General

Target

be7a70120428032bf1483031a744a134f163f734e7a4d48691ed45fe3fec22ac
Size

237KB
Sample

241106-1lyp5axnhz
MD5

3f480700774b83aa9f4277ab7b2c88fd
SHA1

c86f0ca95afc20f44a66ed977308e14bc5602ca4
SHA256

be7a70120428032bf1483031a744a134f163f734e7a4d48691ed45fe3fec22ac
SHA512

3d979ec69a380594adfddc9e0ed7e8cd5a7acdbf4460f619a301f68ccd26394b45e18db50e7314ff24821eae89d01d82a77aaaf7305647edcbd1bd54bb4d6788
SSDEEP

6144:l29fyLu0A/6SSbdXG9KViOtVGJetSBWYmig:SsurySS5G9KA7J5uR

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  be7a70120428032bf1483031a744a134f163f734e7a4d48691ed45fe3fec22ac
- Size
  
  237KB
- MD5
  
  3f480700774b83aa9f4277ab7b2c88fd
- SHA1
  
  c86f0ca95afc20f44a66ed977308e14bc5602ca4
- SHA256
  
  be7a70120428032bf1483031a744a134f163f734e7a4d48691ed45fe3fec22ac
- SHA512
  
  3d979ec69a380594adfddc9e0ed7e8cd5a7acdbf4460f619a301f68ccd26394b45e18db50e7314ff24821eae89d01d82a77aaaf7305647edcbd1bd54bb4d6788
- SSDEEP
  
  6144:l29fyLu0A/6SSbdXG9KViOtVGJetSBWYmig:SsurySS5G9KA7J5uR
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan