smokeloader | 3fe2ffde94b8dcd33551ae9fcac3eebe04f0311230cfaa64a75d8d869edd4489 | Triage

Sharing

General

Target

3fe2ffde94b8dcd33551ae9fcac3eebe04f0311230cfaa64a75d8d869edd4489
Size

323KB
Sample

241109-qtstqsyjar
MD5

fbdbdf4197656c740b6ddc1c8dbf8246
SHA1

eca887d090868308447612bd58b3c4078dec2c38
SHA256

3fe2ffde94b8dcd33551ae9fcac3eebe04f0311230cfaa64a75d8d869edd4489
SHA512

ac820849d059d57aa4eb36728caec9198755a03e16b1ad6a4908b2c9a89049394d8a19604ba6e33d2f69ea442a6636bbab133e22d483fac1603e2551253011bb
SSDEEP

6144:L85SjvClJYPjgSscfIluwrzcuI8V3kkZMNx:ASjQJYPjTfIluicuI8VwN

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  3fe2ffde94b8dcd33551ae9fcac3eebe04f0311230cfaa64a75d8d869edd4489
- Size
  
  323KB
- MD5
  
  fbdbdf4197656c740b6ddc1c8dbf8246
- SHA1
  
  eca887d090868308447612bd58b3c4078dec2c38
- SHA256
  
  3fe2ffde94b8dcd33551ae9fcac3eebe04f0311230cfaa64a75d8d869edd4489
- SHA512
  
  ac820849d059d57aa4eb36728caec9198755a03e16b1ad6a4908b2c9a89049394d8a19604ba6e33d2f69ea442a6636bbab133e22d483fac1603e2551253011bb
- SSDEEP
  
  6144:L85SjvClJYPjgSscfIluwrzcuI8V3kkZMNx:ASjQJYPjTfIluicuI8VwN
Score

10^/10

smokeloader pub3 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoordiscoverytrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan