smokeloader | b1680f17257af3c77a220fcf29ade51d0f02e9b429f687cc2d8a66f5a07e272b | Triage

Sharing

General

Target

b1680f17257af3c77a220fcf29ade51d0f02e9b429f687cc2d8a66f5a07e272b
Size

243KB
Sample

240720-klg5davbmp
MD5

cd385c52e6ad2dd6a304839159534b7e
SHA1

f8f7360395dadb1e06024943c95739b1ac8678fa
SHA256

b1680f17257af3c77a220fcf29ade51d0f02e9b429f687cc2d8a66f5a07e272b
SHA512

9227e5381a6dfc4856e5637820dbea55a7df07d4f8fbf8ee0e119e003ada3659fd063055cfeaca15e40e115add423abd9b4f28f92889b6608b5aec792e0b9eeb
SSDEEP

3072:X0tRmAsRYfI174Ofi0Q2SAMvDVNronnE+kQBwbCvhb9zWbqs5uxVCW:ERlfIXvQ2IDrktzB1Jb0qWkC

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  b1680f17257af3c77a220fcf29ade51d0f02e9b429f687cc2d8a66f5a07e272b
- Size
  
  243KB
- MD5
  
  cd385c52e6ad2dd6a304839159534b7e
- SHA1
  
  f8f7360395dadb1e06024943c95739b1ac8678fa
- SHA256
  
  b1680f17257af3c77a220fcf29ade51d0f02e9b429f687cc2d8a66f5a07e272b
- SHA512
  
  9227e5381a6dfc4856e5637820dbea55a7df07d4f8fbf8ee0e119e003ada3659fd063055cfeaca15e40e115add423abd9b4f28f92889b6608b5aec792e0b9eeb
- SSDEEP
  
  3072:X0tRmAsRYfI174Ofi0Q2SAMvDVNronnE+kQBwbCvhb9zWbqs5uxVCW:ERlfIXvQ2IDrktzB1Jb0qWkC
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoortrojan