smokeloader | 983eb6ef570f9b40179c7845232684e59faeb261ff966c5dac708e640b356086 | Triage

Sharing

General

Target

3003235244455682dd316defddb9369c.bin
Size

130KB
Sample

240727-b4actayeqm
MD5

f55bf33f3a8fef706f3f8934e329a9a7
SHA1

a676d2174dc6722e9646045cf2e2cf443d53e35a
SHA256

983eb6ef570f9b40179c7845232684e59faeb261ff966c5dac708e640b356086
SHA512

42a356c081ee830d1e699c4a9bad63a7cada169a6198e9bc73f25a477d766d3ed4a6adc9f9e4cfc7b469ace0076ac6ce56e35136604baa8687d9cdfd80bbad1e
SSDEEP

3072:Mpka0TT42CZFq0mfSm7tUjXdGFpYgR0ZOs5cptvUUHUd:Kka0d5AAGgR0Zr8UUHUd

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  3ec76b58400fa83602d35d82f38341d921223dcdf175b98bca435a59ba340464.exe
- Size
  
  233KB
- MD5
  
  3003235244455682dd316defddb9369c
- SHA1
  
  8fd13d5ed119640fdf3cf2519c1ae98abc6fe2de
- SHA256
  
  3ec76b58400fa83602d35d82f38341d921223dcdf175b98bca435a59ba340464
- SHA512
  
  7ced01915a20f35ffb1eadaf1097dc74634676eb4e8a7d9e01b5343de7a466161a7bcf4e06e9075007d631eda77dd270ccad80b01053e1dae1e87d38676b11a5
- SSDEEP
  
  3072:qHHNw9sZxXaS4pcO4QtFkaEWNqvMorMlT5DTP0t1OQqODuMWATH:Atw9sZxXdIc/QtFkPWzorYAtP6M/T
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan