smokeloader | 9e834dd024c42b8e97a65dbfedc2bbbfc0bc2d28aede9a5eebdcf1fe41fdc001 | Triage

Sharing

General

Target

9e834dd024c42b8e97a65dbfedc2bbbfc0bc2d28aede9a5eebdcf1fe41fdc001
Size

267KB
Sample

240725-2pjaaasgkc
MD5

d433e234e739fe061cd2ce6324f44750
SHA1

de7cb5704ac74be5f7d62bd114842bda1384e451
SHA256

9e834dd024c42b8e97a65dbfedc2bbbfc0bc2d28aede9a5eebdcf1fe41fdc001
SHA512

fee704157028ab2ab9b7d77f9fef3c4c814276805d75608f26f5372403eaa9f478a143fa81908c465a6b04e68ccf4a31aa0d974feb503d2b2cc40f5059083998
SSDEEP

3072:V6tSmr1TnidgbykCWA5J4KF7SGAti1X6ftS9/alMN2RvpTu:oMoTnibdJzR72iMlSZRQvpT

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  9e834dd024c42b8e97a65dbfedc2bbbfc0bc2d28aede9a5eebdcf1fe41fdc001
- Size
  
  267KB
- MD5
  
  d433e234e739fe061cd2ce6324f44750
- SHA1
  
  de7cb5704ac74be5f7d62bd114842bda1384e451
- SHA256
  
  9e834dd024c42b8e97a65dbfedc2bbbfc0bc2d28aede9a5eebdcf1fe41fdc001
- SHA512
  
  fee704157028ab2ab9b7d77f9fef3c4c814276805d75608f26f5372403eaa9f478a143fa81908c465a6b04e68ccf4a31aa0d974feb503d2b2cc40f5059083998
- SSDEEP
  
  3072:V6tSmr1TnidgbykCWA5J4KF7SGAti1X6ftS9/alMN2RvpTu:oMoTnibdJzR72iMlSZRQvpT
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan