smokeloader | be08d9893aef56f7ad5e203142489d41d9ec7c6e0bebc9d922cc6c9c9dfb1019 | Triage

Sharing

General

Target

be08d9893aef56f7ad5e203142489d41d9ec7c6e0bebc9d922cc6c9c9dfb1019
Size

234KB
Sample

240526-m6v8vaga5z
MD5

e3f23b9ec1f4ac11172e09325c4d5d76
SHA1

090e2c47ea2457376c43e0d4f157f5875dd2f6e2
SHA256

be08d9893aef56f7ad5e203142489d41d9ec7c6e0bebc9d922cc6c9c9dfb1019
SHA512

bf558d6e727ae4d7339bd29751b653f5e9f4d78ed3d90ffa5d7527e9b746eef8df24dab62903ef32a71d6ccb3faab0c819348b0af58dc6e117a68b75c9807cc9
SSDEEP

3072:Q5qiPM9HcK0kiQhi+orEMFtax6L3zSoBYSJZQzRqbNAhL1sOYldcr0YzGFTJ:ZfcK9dhirBmXzR6ahL1sOYldcr0YzsT

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  be08d9893aef56f7ad5e203142489d41d9ec7c6e0bebc9d922cc6c9c9dfb1019
- Size
  
  234KB
- MD5
  
  e3f23b9ec1f4ac11172e09325c4d5d76
- SHA1
  
  090e2c47ea2457376c43e0d4f157f5875dd2f6e2
- SHA256
  
  be08d9893aef56f7ad5e203142489d41d9ec7c6e0bebc9d922cc6c9c9dfb1019
- SHA512
  
  bf558d6e727ae4d7339bd29751b653f5e9f4d78ed3d90ffa5d7527e9b746eef8df24dab62903ef32a71d6ccb3faab0c819348b0af58dc6e117a68b75c9807cc9
- SSDEEP
  
  3072:Q5qiPM9HcK0kiQhi+orEMFtax6L3zSoBYSJZQzRqbNAhL1sOYldcr0YzGFTJ:ZfcK9dhirBmXzR6ahL1sOYldcr0YzsT
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoortrojan