Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    211KB

  • Sample

    240708-eshftstfre

  • MD5

    aeb1d328221b268578d7ff6c7cb64f87

  • SHA1

    b086cb9738de2b72943d033ae6337848a1bef90e

  • SHA256

    f40c3883f19dda754f0d00ab1e51d8d691c680490ea4040f6a03ac0337ba2584

  • SHA512

    ad7013661fdccaa2334c384b1cbc009d2cf76da1b75541a98a5a768fc14eaee7287c8445bcd5323a4e1789d88d9d79549ce92706c6473ea9451a76225a762e90

  • SSDEEP

    3072:nvx8gKClQiS5NchbQtvajVBG6MVN0Kd24kfc3A/:vx8gKlJ8JBG6FKkU

Score
10/10
smokeloaderpub1backdoortrojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

    • Target

      file.exe

    • Size

      211KB

    • MD5

      aeb1d328221b268578d7ff6c7cb64f87

    • SHA1

      b086cb9738de2b72943d033ae6337848a1bef90e

    • SHA256

      f40c3883f19dda754f0d00ab1e51d8d691c680490ea4040f6a03ac0337ba2584

    • SHA512

      ad7013661fdccaa2334c384b1cbc009d2cf76da1b75541a98a5a768fc14eaee7287c8445bcd5323a4e1789d88d9d79549ce92706c6473ea9451a76225a762e90

    • SSDEEP

      3072:nvx8gKClQiS5NchbQtvajVBG6MVN0Kd24kfc3A/:vx8gKlJ8JBG6FKkU

    Score
    10/10
    smokeloaderpub1backdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks