smokeloader | 9b471c366c20e4fd0e226a4fd7bf8fcbdaa11ef78ba3f881a98d0a0928de731b | Triage

Sharing

General

Target

9b471c366c20e4fd0e226a4fd7bf8fcbdaa11ef78ba3f881a98d0a0928de731b
Size

338KB
Sample

241110-e5y94szerb
MD5

eaf254c6e81ca8e872988dad5de578ad
SHA1

c895f8c07fb1501f441dae05d9feb809eb01c3a3
SHA256

9b471c366c20e4fd0e226a4fd7bf8fcbdaa11ef78ba3f881a98d0a0928de731b
SHA512

f846ac5cfe54715df9878ed199ab6cc2363cea8558048cf846d56487fba27bb574ae5d38f9bc00b28491fb7cfd57f978baf1730bbccbe57cd6892f72136643eb
SSDEEP

6144:0HQ94W2q7Wzw9qoYfnxaKPa4+/3EkWbfDpjp:GfFq7IWJYfxaKPi/3nWbb

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  9b471c366c20e4fd0e226a4fd7bf8fcbdaa11ef78ba3f881a98d0a0928de731b
- Size
  
  338KB
- MD5
  
  eaf254c6e81ca8e872988dad5de578ad
- SHA1
  
  c895f8c07fb1501f441dae05d9feb809eb01c3a3
- SHA256
  
  9b471c366c20e4fd0e226a4fd7bf8fcbdaa11ef78ba3f881a98d0a0928de731b
- SHA512
  
  f846ac5cfe54715df9878ed199ab6cc2363cea8558048cf846d56487fba27bb574ae5d38f9bc00b28491fb7cfd57f978baf1730bbccbe57cd6892f72136643eb
- SSDEEP
  
  6144:0HQ94W2q7Wzw9qoYfnxaKPa4+/3EkWbfDpjp:GfFq7IWJYfxaKPi/3nWbb
Score

10^/10

smokeloader pub3 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoordiscoverytrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan