smokeloader | efa03ac97d2bf5c0020ae8d90cd2977beccca38fe5394d77a4a5482a8190e4ee | Triage

Sharing

General

Target

efa03ac97d2bf5c0020ae8d90cd2977beccca38fe5394d77a4a5482a8190e4ee
Size

152KB
Sample

240725-2tsdratara
MD5

d76c718ada43477786ef9ca3bba29842
SHA1

c64677ddce626f7b343ee2aee0deb369dd21e0df
SHA256

efa03ac97d2bf5c0020ae8d90cd2977beccca38fe5394d77a4a5482a8190e4ee
SHA512

f1aebe693ab40fe2b5a3238bb9976395fbc2aa2a211a52ddca5a2d8c568062ed82cac07aab04523831838415547d0286ee2f42dad733524651715f211c0f8b4c
SSDEEP

3072:BPfLv9CAlRi9gEj5scaFYcPn5I858ioma:tLv9f+/mtCiK

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  efa03ac97d2bf5c0020ae8d90cd2977beccca38fe5394d77a4a5482a8190e4ee
- Size
  
  152KB
- MD5
  
  d76c718ada43477786ef9ca3bba29842
- SHA1
  
  c64677ddce626f7b343ee2aee0deb369dd21e0df
- SHA256
  
  efa03ac97d2bf5c0020ae8d90cd2977beccca38fe5394d77a4a5482a8190e4ee
- SHA512
  
  f1aebe693ab40fe2b5a3238bb9976395fbc2aa2a211a52ddca5a2d8c568062ed82cac07aab04523831838415547d0286ee2f42dad733524651715f211c0f8b4c
- SSDEEP
  
  3072:BPfLv9CAlRi9gEj5scaFYcPn5I858ioma:tLv9f+/mtCiK
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan