smokeloader | 775bdfe5c5db4e3adfb87dcd01732250ad221b814c2962021465aca4c45d625e | Triage

Sharing

General

Target

775bdfe5c5db4e3adfb87dcd01732250ad221b814c2962021465aca4c45d625e
Size

173KB
Sample

240725-2l1edszarj
MD5

f04c46229a82d9b834c6508a02ed018e
SHA1

01249324b1c8fe28477472e1286c00d18ae529c2
SHA256

775bdfe5c5db4e3adfb87dcd01732250ad221b814c2962021465aca4c45d625e
SHA512

a8619c5cc21396f08f29bbdd9cddcf9baea197cef2233a2fd9dd989709f8022ddbd2d464ed64f20371eac716f24a80c0359d8ad0d4c9bb4ec6c17dce27180290
SSDEEP

3072:tTLTZjy2LYh3lbRkl9Hab2zn15xSaVH3Ra5UrBXETBS:dLTx3YhVbRqBc5GGS

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  775bdfe5c5db4e3adfb87dcd01732250ad221b814c2962021465aca4c45d625e
- Size
  
  173KB
- MD5
  
  f04c46229a82d9b834c6508a02ed018e
- SHA1
  
  01249324b1c8fe28477472e1286c00d18ae529c2
- SHA256
  
  775bdfe5c5db4e3adfb87dcd01732250ad221b814c2962021465aca4c45d625e
- SHA512
  
  a8619c5cc21396f08f29bbdd9cddcf9baea197cef2233a2fd9dd989709f8022ddbd2d464ed64f20371eac716f24a80c0359d8ad0d4c9bb4ec6c17dce27180290
- SSDEEP
  
  3072:tTLTZjy2LYh3lbRkl9Hab2zn15xSaVH3Ra5UrBXETBS:dLTx3YhVbRqBc5GGS
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan