smokeloader | e3fcf8c514cebde470c4b0a76f716441863f70cb786825da8cf8a57c69da0566 | Triage

Sharing

General

Target

e3fcf8c514cebde470c4b0a76f716441863f70cb786825da8cf8a57c69da0566
Size

314KB
Sample

241107-l3fhjszfre
MD5

8585ff38d5d24cfdf129c670b45d810f
SHA1

c6ff7a4005006dbaadfd307c1d3705251ff7bcf6
SHA256

e3fcf8c514cebde470c4b0a76f716441863f70cb786825da8cf8a57c69da0566
SHA512

b3c948f8297877a6cecb9843a4364bf728bea03effc6c2124fc3f3f955ecc53bd46ffd1eb4437f7aa3cef61b6ce7265026ce1494e3024792941c888c30787b06
SSDEEP

3072:KHw0my/6DfB4X2laQfxOxXFogZ2qTeSwI6/Ys4iFousa+XFBWFn6jLBEoE94zHkz:vrYKKFZ2qPnXiCva+H8Ie34zd16

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  e3fcf8c514cebde470c4b0a76f716441863f70cb786825da8cf8a57c69da0566
- Size
  
  314KB
- MD5
  
  8585ff38d5d24cfdf129c670b45d810f
- SHA1
  
  c6ff7a4005006dbaadfd307c1d3705251ff7bcf6
- SHA256
  
  e3fcf8c514cebde470c4b0a76f716441863f70cb786825da8cf8a57c69da0566
- SHA512
  
  b3c948f8297877a6cecb9843a4364bf728bea03effc6c2124fc3f3f955ecc53bd46ffd1eb4437f7aa3cef61b6ce7265026ce1494e3024792941c888c30787b06
- SSDEEP
  
  3072:KHw0my/6DfB4X2laQfxOxXFogZ2qTeSwI6/Ys4iFousa+XFBWFn6jLBEoE94zHkz:vrYKKFZ2qPnXiCva+H8Ie34zd16
Score

10^/10

smokeloader pub3 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoordiscoverytrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan