smokeloader | d480200c0f19cee5cec46765f38ce727dd801fa82134f7341e9ffc7b19cd82ff | Triage

Sharing

General

Target

d480200c0f19cee5cec46765f38ce727dd801fa82134f7341e9ffc7b19cd82ff
Size

251KB
Sample

241107-qy1p5ssmgs
MD5

86dcf22cdd29244a2fd93b119147b053
SHA1

08a451aa6539ad9eeb578a634bb28fd80b940f56
SHA256

d480200c0f19cee5cec46765f38ce727dd801fa82134f7341e9ffc7b19cd82ff
SHA512

0a16ade71c6b4cf74fd5550f1803dd64c0b84c8cbb99740314eaf7e4563fbce06a87a49664174f9d971aaccac0788d293689ee217e7306968fac2f7ad49a0b8c
SSDEEP

3072:8UfwYOa9r4M42KWoMNvSoLwK9TQ5xMrzwi4ztlW:FGa9r472KWNV7wiEv

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  d480200c0f19cee5cec46765f38ce727dd801fa82134f7341e9ffc7b19cd82ff
- Size
  
  251KB
- MD5
  
  86dcf22cdd29244a2fd93b119147b053
- SHA1
  
  08a451aa6539ad9eeb578a634bb28fd80b940f56
- SHA256
  
  d480200c0f19cee5cec46765f38ce727dd801fa82134f7341e9ffc7b19cd82ff
- SHA512
  
  0a16ade71c6b4cf74fd5550f1803dd64c0b84c8cbb99740314eaf7e4563fbce06a87a49664174f9d971aaccac0788d293689ee217e7306968fac2f7ad49a0b8c
- SSDEEP
  
  3072:8UfwYOa9r4M42KWoMNvSoLwK9TQ5xMrzwi4ztlW:FGa9r472KWNV7wiEv
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan