smokeloader | 0586236bd946dd8ce163e219771fb4a713585e198cc25b8c8cc59a1db987c6e0 | Triage

Sharing

General

Target

0586236bd946dd8ce163e219771fb4a713585e198cc25b8c8cc59a1db987c6e0
Size

226KB
Sample

240727-kpxn8syalm
MD5

29939a1d82929b871b1e896a8bc29d05
SHA1

eb4be6ec63ed18d35ba993166c2acb49362ec5ba
SHA256

0586236bd946dd8ce163e219771fb4a713585e198cc25b8c8cc59a1db987c6e0
SHA512

08872dbc92fd5461fe44fe5d163d9618374f9e76a0952077b3d50d0883f6f474a600572d081ccbab2bc3744e5fef249c202721395008f067546493f86569c207
SSDEEP

3072:ACiPqSVgrj3oWwcH/IxB9vEFieObAIK6T1p:77SVgrzodcH/IxB9HXu6T1

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  0586236bd946dd8ce163e219771fb4a713585e198cc25b8c8cc59a1db987c6e0
- Size
  
  226KB
- MD5
  
  29939a1d82929b871b1e896a8bc29d05
- SHA1
  
  eb4be6ec63ed18d35ba993166c2acb49362ec5ba
- SHA256
  
  0586236bd946dd8ce163e219771fb4a713585e198cc25b8c8cc59a1db987c6e0
- SHA512
  
  08872dbc92fd5461fe44fe5d163d9618374f9e76a0952077b3d50d0883f6f474a600572d081ccbab2bc3744e5fef249c202721395008f067546493f86569c207
- SSDEEP
  
  3072:ACiPqSVgrj3oWwcH/IxB9vEFieObAIK6T1p:77SVgrzodcH/IxB9HXu6T1
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2