smokeloader | 4483f73c3416a15f0bc21366501821e93c04bdc6891e3fbe40ab27e75b7091f5 | Triage

Sharing

General

Target

4483f73c3416a15f0bc21366501821e93c04bdc6891e3fbe40ab27e75b7091f5.exe
Size

345KB
Sample

241124-k3redasrht
MD5

3b9fa37a9c46bed8f1772c38f6d19fc6
SHA1

eeae326474b589f728086392656983b81de4b786
SHA256

4483f73c3416a15f0bc21366501821e93c04bdc6891e3fbe40ab27e75b7091f5
SHA512

f1de5d5f0ed0d394af25caf46fc00cf87c7b5b129445d965d9e010576e7fcd0e4022be512e4f77026dc27f50d4a5b50a161b07a1be0846451d8605d47289cfa1
SSDEEP

6144:BHdqqzjjo9f4LUatDrBPsQRuI3R00gBGmObbdxqmLUN1rBQbLTrHZ:B9Fzjjsf4YqDBsQRVKZQbdxqm0rBGLH5

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  4483f73c3416a15f0bc21366501821e93c04bdc6891e3fbe40ab27e75b7091f5.exe
- Size
  
  345KB
- MD5
  
  3b9fa37a9c46bed8f1772c38f6d19fc6
- SHA1
  
  eeae326474b589f728086392656983b81de4b786
- SHA256
  
  4483f73c3416a15f0bc21366501821e93c04bdc6891e3fbe40ab27e75b7091f5
- SHA512
  
  f1de5d5f0ed0d394af25caf46fc00cf87c7b5b129445d965d9e010576e7fcd0e4022be512e4f77026dc27f50d4a5b50a161b07a1be0846451d8605d47289cfa1
- SSDEEP
  
  6144:BHdqqzjjo9f4LUatDrBPsQRuI3R00gBGmObbdxqmLUN1rBQbLTrHZ:B9Fzjjsf4YqDBsQRVKZQbdxqm0rBGLH5
Score

10^/10

smokeloader pub3 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoordiscoverytrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan