smokeloader | bb5c3074578acf3af7cd3386ded08e9301696792f8c39e40d59750446a32b1e5 | Triage

Sharing

General

Target

bb5c3074578acf3af7cd3386ded08e9301696792f8c39e40d59750446a32b1e5
Size

233KB
Sample

240726-3msxdasbnn
MD5

c7ff91927e8e04f789d342dbea0acd9a
SHA1

e1c74016252f192720bec0ce7e586091d81a906c
SHA256

bb5c3074578acf3af7cd3386ded08e9301696792f8c39e40d59750446a32b1e5
SHA512

dea20486861045a4409ee64d8e9329cc441fcaefc9a7513d8b1b63a5a5550eff29ea0559dad7018b2dd37f0eee18f534630a2eb83874fc1dfe5b9b5184ed7ada
SSDEEP

3072:xCVuay93ubwEso9cGc7TwfWAVHm6Kb4tntz++oAkVd5tdsqQxXSTzXUCor:scay93GwEsSYsfWpGjS9AkDnOVZS3UC

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  bb5c3074578acf3af7cd3386ded08e9301696792f8c39e40d59750446a32b1e5
- Size
  
  233KB
- MD5
  
  c7ff91927e8e04f789d342dbea0acd9a
- SHA1
  
  e1c74016252f192720bec0ce7e586091d81a906c
- SHA256
  
  bb5c3074578acf3af7cd3386ded08e9301696792f8c39e40d59750446a32b1e5
- SHA512
  
  dea20486861045a4409ee64d8e9329cc441fcaefc9a7513d8b1b63a5a5550eff29ea0559dad7018b2dd37f0eee18f534630a2eb83874fc1dfe5b9b5184ed7ada
- SSDEEP
  
  3072:xCVuay93ubwEso9cGc7TwfWAVHm6Kb4tntz++oAkVd5tdsqQxXSTzXUCor:scay93GwEsSYsfWpGjS9AkDnOVZS3UC
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan