smokeloader | d6e993807a59892a87a5f66010199c8d84093e270388c928e41a6fe15ba5a21f | Triage

Sharing

General

Target

d6e993807a59892a87a5f66010199c8d84093e270388c928e41a6fe15ba5a21f
Size

285KB
Sample

240721-17pz4szdmm
MD5

1694c88eec79aa3fd9f361a692339c06
SHA1

85cc77946d683d3434342e6a2a8416cfa2d19091
SHA256

d6e993807a59892a87a5f66010199c8d84093e270388c928e41a6fe15ba5a21f
SHA512

7a70e5d8e533651b41883a016b76e62669cfef2f4fbb788f7b37c9c1ee08c4172b24947c990afed41ad1225c0625476e24560a6ce58b6c4d1170825756a75879
SSDEEP

3072:t+K7xPHjYziNwbLLmnqn3aUR/OvVnipthksQOaRkC5Ew1CddaU+1cJ0fXMl:t+K5D0iNwXCnq37RWYnQOzOwaUc/M

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  d6e993807a59892a87a5f66010199c8d84093e270388c928e41a6fe15ba5a21f
- Size
  
  285KB
- MD5
  
  1694c88eec79aa3fd9f361a692339c06
- SHA1
  
  85cc77946d683d3434342e6a2a8416cfa2d19091
- SHA256
  
  d6e993807a59892a87a5f66010199c8d84093e270388c928e41a6fe15ba5a21f
- SHA512
  
  7a70e5d8e533651b41883a016b76e62669cfef2f4fbb788f7b37c9c1ee08c4172b24947c990afed41ad1225c0625476e24560a6ce58b6c4d1170825756a75879
- SSDEEP
  
  3072:t+K7xPHjYziNwbLLmnqn3aUR/OvVnipthksQOaRkC5Ew1CddaU+1cJ0fXMl:t+K5D0iNwXCnq37RWYnQOzOwaUc/M
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoortrojan