smokeloader | f4af8f79c9b4f8e28cb7963f12e7bc9d5ed7dafcea44b83e96ce703311a7ceba | Triage

Sharing

General

Target

f4af8f79c9b4f8e28cb7963f12e7bc9d5ed7dafcea44b83e96ce703311a7ceba
Size

263KB
Sample

240801-znc1rswdrr
MD5

1b2c1ddd9cc1c11393a5daa17bc1d25b
SHA1

14668a7bed2427d58a99c8b9cf7a81e005810338
SHA256

f4af8f79c9b4f8e28cb7963f12e7bc9d5ed7dafcea44b83e96ce703311a7ceba
SHA512

8db794ffc315f60b828c95d9a2f75c8535cef0bc147c999cc0a3c4e3094d6933add7f36a32d5298e0c0cbe455bff9ecd7eafc9db53905772a1a05c5b195af6b1
SSDEEP

3072:AvFBuu/sLjF4bVefgW4H2LCuRJkE2J9GT/2rdKsBvupgV1cbA4ETB:iV0j8Vep4F4JkrTLBvupgVuYT

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  f4af8f79c9b4f8e28cb7963f12e7bc9d5ed7dafcea44b83e96ce703311a7ceba
- Size
  
  263KB
- MD5
  
  1b2c1ddd9cc1c11393a5daa17bc1d25b
- SHA1
  
  14668a7bed2427d58a99c8b9cf7a81e005810338
- SHA256
  
  f4af8f79c9b4f8e28cb7963f12e7bc9d5ed7dafcea44b83e96ce703311a7ceba
- SHA512
  
  8db794ffc315f60b828c95d9a2f75c8535cef0bc147c999cc0a3c4e3094d6933add7f36a32d5298e0c0cbe455bff9ecd7eafc9db53905772a1a05c5b195af6b1
- SSDEEP
  
  3072:AvFBuu/sLjF4bVefgW4H2LCuRJkE2J9GT/2rdKsBvupgV1cbA4ETB:iV0j8Vep4F4JkrTLBvupgVuYT
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan