smokeloader | 16b8a4ac8b4ad37eed95e17352b8169212b780a01a8bc61f5c78080c448ba03f | Triage

Sharing

General

Target

16b8a4ac8b4ad37eed95e17352b8169212b780a01a8bc61f5c78080c448ba03f
Size

226KB
Sample

240727-ncqa6szbmh
MD5

6b15db4a32bdd9adadd25f8f6b70b689
SHA1

49d9e5b3bd7d489177831e41f5625f7c22164292
SHA256

16b8a4ac8b4ad37eed95e17352b8169212b780a01a8bc61f5c78080c448ba03f
SHA512

0f47ea3c9c36b1d1891db483dbb935ed9cfca444792de8ee8a143ba94d86c994b92d95740896d9e90bc61e5e6c498adf4e142ffc80a8bd6db3633a2e1b52f62f
SSDEEP

3072:BDOCjVOtPZXeFaTzLrABWps8EQj+ADpTIwjKy6MT0KLAN3f8n9VEE:1pjVOtPZXeFaDrcWp+QKADiZ3KLIQ

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  16b8a4ac8b4ad37eed95e17352b8169212b780a01a8bc61f5c78080c448ba03f
- Size
  
  226KB
- MD5
  
  6b15db4a32bdd9adadd25f8f6b70b689
- SHA1
  
  49d9e5b3bd7d489177831e41f5625f7c22164292
- SHA256
  
  16b8a4ac8b4ad37eed95e17352b8169212b780a01a8bc61f5c78080c448ba03f
- SHA512
  
  0f47ea3c9c36b1d1891db483dbb935ed9cfca444792de8ee8a143ba94d86c994b92d95740896d9e90bc61e5e6c498adf4e142ffc80a8bd6db3633a2e1b52f62f
- SSDEEP
  
  3072:BDOCjVOtPZXeFaTzLrABWps8EQj+ADpTIwjKy6MT0KLAN3f8n9VEE:1pjVOtPZXeFaDrcWp+QKADiZ3KLIQ
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan