smokeloader | 2cbf0070937329e52cbede3e78f82da2d9061d66e5aa3aa761bffd3121aecc35 | Triage

Sharing

General

Target

2cbf0070937329e52cbede3e78f82da2d9061d66e5aa3aa761bffd3121aecc35.exe
Size

227KB
Sample

240728-bftfsayfnq
MD5

783a24a2e540f33fc54fdcc6dffaf170
SHA1

26a0c5c880f8952e31575a482df74a63f4b6baee
SHA256

2cbf0070937329e52cbede3e78f82da2d9061d66e5aa3aa761bffd3121aecc35
SHA512

1611d14c90b67e636bba6beb3b003fd042757b02d7a038af28de62fd57ff816b8d02be71f5114701433c467b0d1a2b4be9896fe022c0d7d47f31757e2ab52358
SSDEEP

3072:dCVuay93ubRuQDpPy82zK3aWqhtaWf+U8jKs0fMhqXN4qQu6B3wLAm:Qcay93GRuupPSeVs8jKHbXCVu6lwc

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  2cbf0070937329e52cbede3e78f82da2d9061d66e5aa3aa761bffd3121aecc35.exe
- Size
  
  227KB
- MD5
  
  783a24a2e540f33fc54fdcc6dffaf170
- SHA1
  
  26a0c5c880f8952e31575a482df74a63f4b6baee
- SHA256
  
  2cbf0070937329e52cbede3e78f82da2d9061d66e5aa3aa761bffd3121aecc35
- SHA512
  
  1611d14c90b67e636bba6beb3b003fd042757b02d7a038af28de62fd57ff816b8d02be71f5114701433c467b0d1a2b4be9896fe022c0d7d47f31757e2ab52358
- SSDEEP
  
  3072:dCVuay93ubRuQDpPy82zK3aWqhtaWf+U8jKs0fMhqXN4qQu6B3wLAm:Qcay93GRuupPSeVs8jKHbXCVu6lwc
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan