smokeloader | 037aadf097d58dc99d546253a9082e0357a4c20bca05f9ba5a93651695348497 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

037aadf097d58dc99d546253a9082e0357a4c20bca05f9ba5a93651695348497
Size

292KB
Sample

240720-1f8m5sxbnd
MD5

455fedc635797c9bf5d008389e72d992
SHA1

842a884d09deb8baf7fe8ddf04f07804857f34e0
SHA256

037aadf097d58dc99d546253a9082e0357a4c20bca05f9ba5a93651695348497
SHA512

c9afa12f1f6f59b959987e4ed6fe6e6b5e920c97bf5795445cfaff76064228812f80ba7cb075c1e5937e5494765a7aa05b21ce511767c93aaa60ecd1eaf2f18f
SSDEEP

3072:SE250HEENKOMQtk/20M0aZmAmkon/QZwF5wvRWfW4yBCjFsEvL0oO:x25zWKOrm2x0aZpton/nF5wWjj0o

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  037aadf097d58dc99d546253a9082e0357a4c20bca05f9ba5a93651695348497
- Size
  
  292KB
- MD5
  
  455fedc635797c9bf5d008389e72d992
- SHA1
  
  842a884d09deb8baf7fe8ddf04f07804857f34e0
- SHA256
  
  037aadf097d58dc99d546253a9082e0357a4c20bca05f9ba5a93651695348497
- SHA512
  
  c9afa12f1f6f59b959987e4ed6fe6e6b5e920c97bf5795445cfaff76064228812f80ba7cb075c1e5937e5494765a7aa05b21ce511767c93aaa60ecd1eaf2f18f
- SSDEEP
  
  3072:SE250HEENKOMQtk/20M0aZmAmkon/QZwF5wvRWfW4yBCjFsEvL0oO:x25zWKOrm2x0aZpton/nF5wWjj0o
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoortrojan