smokeloader | 2e3dcc02feabb4714f34d1da5ba69edcc119a07fc2f200ae145651376ed6fa93 | Triage

Sharing

General

Target

2e3dcc02feabb4714f34d1da5ba69edcc119a07fc2f200ae145651376ed6fa93
Size

311KB
Sample

240624-lq8zbszalp
MD5

fe904ee807c6e6b9979d5b322d389d17
SHA1

543b22481c54b2ef9cbfb0aa95aeba3cda4679fa
SHA256

2e3dcc02feabb4714f34d1da5ba69edcc119a07fc2f200ae145651376ed6fa93
SHA512

b381c03d2f32a4c5e13a56e3f8311a00b4b49a01e14fceecef9d16d9ee46fe6e777b687d80f17ec5ed04857bbdcaf8feaced2227e02730877a520137749d1857
SSDEEP

3072:/bCQLkFkCjJjSMzzomRfJvu3+Dyf6Yq3NAE5P99BczrBczxgP:/b/LekCdjcsFuqg/q3Gy9

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2e3dcc02feabb4714f34d1da5ba69edcc119a07fc2f200ae145651376ed6fa93
- Size
  
  311KB
- MD5
  
  fe904ee807c6e6b9979d5b322d389d17
- SHA1
  
  543b22481c54b2ef9cbfb0aa95aeba3cda4679fa
- SHA256
  
  2e3dcc02feabb4714f34d1da5ba69edcc119a07fc2f200ae145651376ed6fa93
- SHA512
  
  b381c03d2f32a4c5e13a56e3f8311a00b4b49a01e14fceecef9d16d9ee46fe6e777b687d80f17ec5ed04857bbdcaf8feaced2227e02730877a520137749d1857
- SSDEEP
  
  3072:/bCQLkFkCjJjSMzzomRfJvu3+Dyf6Yq3NAE5P99BczrBczxgP:/b/LekCdjcsFuqg/q3Gy9
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan