smokeloader | 129389c7f18ede3895d2324661e4250e083d0a02f0c0c24fb2ea2b766dc3568a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

129389c7f18ede3895d2324661e4250e083d0a02f0c0c24fb2ea2b766dc3568a.exe
Size

219KB
Sample

240605-r38f8ahh8z
MD5

a51bf8e48492176bf61f9bcbb296ce42
SHA1

2fdaa140c5806f7a99c6954805b7b6b8a15edec5
SHA256

129389c7f18ede3895d2324661e4250e083d0a02f0c0c24fb2ea2b766dc3568a
SHA512

d0a360d1433ae852366556dfc1330c182e6a3f6c60129b5e8e0754cc64754466c70dcceaca93819e817a00c85bc9975c270daae4eaaf1172112e420563a122fe
SSDEEP

3072:FRrH6tRLYaVI+5ZBbBloO5rgnxegnxWh:FtsLYaVI+DtBeJnZn0h

Score

10^/10

smokeloader sel2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

sel2

Targets

- Target
  
  129389c7f18ede3895d2324661e4250e083d0a02f0c0c24fb2ea2b766dc3568a.exe
- Size
  
  219KB
- MD5
  
  a51bf8e48492176bf61f9bcbb296ce42
- SHA1
  
  2fdaa140c5806f7a99c6954805b7b6b8a15edec5
- SHA256
  
  129389c7f18ede3895d2324661e4250e083d0a02f0c0c24fb2ea2b766dc3568a
- SHA512
  
  d0a360d1433ae852366556dfc1330c182e6a3f6c60129b5e8e0754cc64754466c70dcceaca93819e817a00c85bc9975c270daae4eaaf1172112e420563a122fe
- SSDEEP
  
  3072:FRrH6tRLYaVI+5ZBbBloO5rgnxegnxWh:FtsLYaVI+DtBeJnZn0h
Score

10^/10

smokeloader sel2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersel2backdoortrojan

behavioral2

smokeloadersel2backdoortrojan