smokeloader | 6bcfbac0e4ef8070b0c5d49b5de804220e1a315592452b88c2043e85a5d9757d | Triage

Sharing

General

Target

6bcfbac0e4ef8070b0c5d49b5de804220e1a315592452b88c2043e85a5d9757d
Size

222KB
Sample

241215-qydwdaxnak
MD5

9b628627e5aa40a2f8f654b68399f294
SHA1

b7437e80ededfe72bd71c7d520c1f2bc453c740e
SHA256

6bcfbac0e4ef8070b0c5d49b5de804220e1a315592452b88c2043e85a5d9757d
SHA512

0acecb56aeef585769c957c4c312b81449bd16c057178aa3b30c6a6ff9c5092d5278fd78b8df19ed8ed93906fa76e6cbcdb4814ef543f1bef80b620dfce18c2d
SSDEEP

6144:RxIr78fOKW1TWr/hk1+r3JY5uyN2iqR0Zy0Dm:R8rdKr/hkQOVy0ZZDm

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  255ba2ffbd8657c9a674d123241accd2bce55fdaa90d59560ad23ef96ebd829a
- Size
  
  334KB
- MD5
  
  8fb1b310465718c4e2107d4da17e509e
- SHA1
  
  aea750e57a93fd78cac750bebae45452de1c6482
- SHA256
  
  255ba2ffbd8657c9a674d123241accd2bce55fdaa90d59560ad23ef96ebd829a
- SHA512
  
  18dc38680e1be8f7a2ed2a4fbbf2aa6a6cd0597e0f488a4ba45b9850f448b97ff428da56559a9a0f8f96f36c1491751db348656a58fff51b29cadba7edadf952
- SSDEEP
  
  6144:cvMD5BzKPUkq76pr/hc5vo+xS9h+3oQ9gOU+fzYBb6:vD5kMkqkr/hcNB9gT6
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan