smokeloader | 047be6623bafd21921aca584be7da2741736a0a2c4c53b29253c282abcc73649 | Triage

Sharing

General

Target

047be6623bafd21921aca584be7da2741736a0a2c4c53b29253c282abcc73649
Size

122KB
Sample

241215-rdwq5aykdr
MD5

a5099c42a8c8e32a555ee52d195b4d36
SHA1

71b5153d9839c9cff1c1cbeb74ff8d86beeba813
SHA256

047be6623bafd21921aca584be7da2741736a0a2c4c53b29253c282abcc73649
SHA512

ac38a9767cd84a2894f2f2e88a0a700460b68b6ef673a3955037191296db0909193c2e0338b7f14ce8ee6b086016401a97956831498fc608272ffca1247e0c97
SSDEEP

3072:6GxcSfFbnNVBEaFpuZUadV6eVdxHcNJZ3WRs:6QcWTVB/iU+d5chWa

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  132d06d28af63f3b7c1e1161fe12a7eee549ea223593d7e97e63dd3d3a009950
- Size
  
  251KB
- MD5
  
  465c956697ed00c68e80887f62f97624
- SHA1
  
  8546b4fa34e27478e024d8dfe2ef2090ac6c06ae
- SHA256
  
  132d06d28af63f3b7c1e1161fe12a7eee549ea223593d7e97e63dd3d3a009950
- SHA512
  
  06feeb5febcda8bf25b9438f12b04c375c899765c4d5b7f07bad32e4b69cf3a89998791d2c76400b6c1f01ff4a9c5291de082515fabeb8679491b32ba845bc2e
- SSDEEP
  
  3072:QjoRQQXvoL29FVt44KgGH37CStwROKL6sxkgaBChUpZa9uD6Vdyhk:qoy8oL29FVt4ngGX+kgLniga3wVf
Score

10^/10

smokeloader pub5 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoordiscoverytrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan