smokeloader | defbb816e1377fd6284d6434812c712b4449125116c8909eb5ac947a851b4ff8 | Triage

Sharing

General

Target

defbb816e1377fd6284d6434812c712b4449125116c8909eb5ac947a851b4ff8
Size

234KB
Sample

240525-13j83acb8z
MD5

38003bd5a3926858480c930f02ef7753
SHA1

16d2630ccbbd1c723709fa6fc6a535aeab895da1
SHA256

defbb816e1377fd6284d6434812c712b4449125116c8909eb5ac947a851b4ff8
SHA512

3b601014e42a1d138c021b7f014131e70f8e01f879ce002d42ea1828d5078217e4ff94d97ef9c3072ee066f3c7506291b5123abd8b9933824812ce72db98d7cb
SSDEEP

3072:nMySERDqNMkanWE4auSH+U5lPLMhYyGQY5MMqLGZ2sEs8OGrid//KTiHY:plUGkaWzau0RMWAY5MMq6Z5EswC//KT

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  defbb816e1377fd6284d6434812c712b4449125116c8909eb5ac947a851b4ff8
- Size
  
  234KB
- MD5
  
  38003bd5a3926858480c930f02ef7753
- SHA1
  
  16d2630ccbbd1c723709fa6fc6a535aeab895da1
- SHA256
  
  defbb816e1377fd6284d6434812c712b4449125116c8909eb5ac947a851b4ff8
- SHA512
  
  3b601014e42a1d138c021b7f014131e70f8e01f879ce002d42ea1828d5078217e4ff94d97ef9c3072ee066f3c7506291b5123abd8b9933824812ce72db98d7cb
- SSDEEP
  
  3072:nMySERDqNMkanWE4auSH+U5lPLMhYyGQY5MMqLGZ2sEs8OGrid//KTiHY:plUGkaWzau0RMWAY5MMq6Z5EswC//KT
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoortrojan