smokeloader | 6a75dc694584d237abf3dd6261b3fc25b3ecc22361b252311f258631761fde0c | Triage

Sharing

General

Target

6a75dc694584d237abf3dd6261b3fc25b3ecc22361b252311f258631761fde0c.exe
Size

278KB
Sample

250216-hd48tsxkbm
MD5

9b5f9619e40261e5fb5331b047331d81
SHA1

e76ebdb065141607d6a7e50f8d85f55508904737
SHA256

6a75dc694584d237abf3dd6261b3fc25b3ecc22361b252311f258631761fde0c
SHA512

1f59c5b2ace0518f5affcb8b8d8365029871eeb37cd7c507a8c292dca8c9b0298fb26b6e95a2c1a14d4f715f4899dacb61d1fd0330147dc151319c8cbd859078
SSDEEP

3072:Zf9JL7/HDaO1qN4Nf0efiIufkoKX5vomFOvxduMLXO:NLPM6f0JCBoT/q

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  6a75dc694584d237abf3dd6261b3fc25b3ecc22361b252311f258631761fde0c.exe
- Size
  
  278KB
- MD5
  
  9b5f9619e40261e5fb5331b047331d81
- SHA1
  
  e76ebdb065141607d6a7e50f8d85f55508904737
- SHA256
  
  6a75dc694584d237abf3dd6261b3fc25b3ecc22361b252311f258631761fde0c
- SHA512
  
  1f59c5b2ace0518f5affcb8b8d8365029871eeb37cd7c507a8c292dca8c9b0298fb26b6e95a2c1a14d4f715f4899dacb61d1fd0330147dc151319c8cbd859078
- SSDEEP
  
  3072:Zf9JL7/HDaO1qN4Nf0efiIufkoKX5vomFOvxduMLXO:NLPM6f0JCBoT/q
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan