smokeloader | 2be2240e9a4aec14025ae84f8cfbc34fa20b3a116da26ef828ff8263f4cd4f88 | Triage

Sharing

General

Target

2be2240e9a4aec14025ae84f8cfbc34fa20b3a116da26ef828ff8263f4cd4f88
Size

262KB
Sample

240530-ewkqcsfb86
MD5

c78485c96807644e8c78f1e8fdb0d81e
SHA1

eff51a852291936d0c7ee296c916524ee0e06e18
SHA256

2be2240e9a4aec14025ae84f8cfbc34fa20b3a116da26ef828ff8263f4cd4f88
SHA512

8c6d2a3c61b09fa4eee5b8fa6641e7cb153658b84ad61b93fdfb922394ea2fb4c6e0118e2c8195b71b5c3eb4eceb75e8d834bc34939e00911b8856d950d3123b
SSDEEP

3072:8jhIYSFtO28WTJmA0gdKW5vY3cnoWNumh:8WYSFtOumlgdbhoYumh

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2be2240e9a4aec14025ae84f8cfbc34fa20b3a116da26ef828ff8263f4cd4f88
- Size
  
  262KB
- MD5
  
  c78485c96807644e8c78f1e8fdb0d81e
- SHA1
  
  eff51a852291936d0c7ee296c916524ee0e06e18
- SHA256
  
  2be2240e9a4aec14025ae84f8cfbc34fa20b3a116da26ef828ff8263f4cd4f88
- SHA512
  
  8c6d2a3c61b09fa4eee5b8fa6641e7cb153658b84ad61b93fdfb922394ea2fb4c6e0118e2c8195b71b5c3eb4eceb75e8d834bc34939e00911b8856d950d3123b
- SSDEEP
  
  3072:8jhIYSFtO28WTJmA0gdKW5vY3cnoWNumh:8WYSFtOumlgdbhoYumh
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan