smokeloader | 83568e01e3f1b9e4cb8dd5a5fab6e242aff748d5ac38d584aff33a67dac0709c | Triage

Sharing

General

Target

83568e01e3f1b9e4cb8dd5a5fab6e242aff748d5ac38d584aff33a67dac0709c
Size

230KB
Sample

240726-kmncsaxdnk
MD5

219163581396e3ec5c2bcb95b46e7c81
SHA1

908eaebf7e4e207ad4fcabe32ab816906ec57a98
SHA256

83568e01e3f1b9e4cb8dd5a5fab6e242aff748d5ac38d584aff33a67dac0709c
SHA512

52613fa1aa8d5f22daa591c075eb4babefd30721ac349388768af2a28a78475cfcf592837dc352bd398297adcad05d8ae27213df99217d7c2f54644030d2b0d4
SSDEEP

3072:wHdiVZe9xH2U2jkrjyBp9rnJ2KuuxdLBCfQ7u4DT2:yMVZe9xH2RjejyBIKDxdLBAR4DT

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  83568e01e3f1b9e4cb8dd5a5fab6e242aff748d5ac38d584aff33a67dac0709c
- Size
  
  230KB
- MD5
  
  219163581396e3ec5c2bcb95b46e7c81
- SHA1
  
  908eaebf7e4e207ad4fcabe32ab816906ec57a98
- SHA256
  
  83568e01e3f1b9e4cb8dd5a5fab6e242aff748d5ac38d584aff33a67dac0709c
- SHA512
  
  52613fa1aa8d5f22daa591c075eb4babefd30721ac349388768af2a28a78475cfcf592837dc352bd398297adcad05d8ae27213df99217d7c2f54644030d2b0d4
- SSDEEP
  
  3072:wHdiVZe9xH2U2jkrjyBp9rnJ2KuuxdLBCfQ7u4DT2:yMVZe9xH2RjejyBIKDxdLBAR4DT
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan