smokeloader | 2a2473b7f18ee9c647daa38464671b66518da72e2928681a2652860a3b59c0fa | Triage

Sharing

General

Target

2a2473b7f18ee9c647daa38464671b66518da72e2928681a2652860a3b59c0fa
Size

327KB
Sample

240725-xvganayenj
MD5

ca03e5b043523f84ff404c86e3f66191
SHA1

9e7369ada411e9455fc3a72f9e8eb71b196bd6d7
SHA256

2a2473b7f18ee9c647daa38464671b66518da72e2928681a2652860a3b59c0fa
SHA512

164259053ff52872b60ff54f317d886a6a44770fdd797da68cb988c978d3870f4702c8b8cf602d73059de4a224733bb3e1f179e2feeccb3698eb47437a3d5371
SSDEEP

3072:wh7mUmxKJMAAhreVIWicOes3eDLcYtjt10XLJDjIJ8zm7+TH:8iUmxK6bhy5wt6oYDsLJSEmST

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  2a2473b7f18ee9c647daa38464671b66518da72e2928681a2652860a3b59c0fa
- Size
  
  327KB
- MD5
  
  ca03e5b043523f84ff404c86e3f66191
- SHA1
  
  9e7369ada411e9455fc3a72f9e8eb71b196bd6d7
- SHA256
  
  2a2473b7f18ee9c647daa38464671b66518da72e2928681a2652860a3b59c0fa
- SHA512
  
  164259053ff52872b60ff54f317d886a6a44770fdd797da68cb988c978d3870f4702c8b8cf602d73059de4a224733bb3e1f179e2feeccb3698eb47437a3d5371
- SSDEEP
  
  3072:wh7mUmxKJMAAhreVIWicOes3eDLcYtjt10XLJDjIJ8zm7+TH:8iUmxK6bhy5wt6oYDsLJSEmST
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan