smokeloader | 52e0c702bb8e232df84e5a20292050d44e5b4a0afbe603733497a05372692dd6 | Triage

Sharing

General

Target

52e0c702bb8e232df84e5a20292050d44e5b4a0afbe603733497a05372692dd6
Size

201KB
Sample

240802-2aj82asgrq
MD5

670dd50055ab3b107a51654b9f4b637a
SHA1

710caae730d9ebd1b45789cca5fa21fe172ab49c
SHA256

52e0c702bb8e232df84e5a20292050d44e5b4a0afbe603733497a05372692dd6
SHA512

714d087dbbdc08734f6e309b0fbf6770fd978d913cf5c1865938989d1470d7abcd0a4f2565ecec2a6a04dd706ddc250aee9536f3271e6f6cb3ac41c050b54931
SSDEEP

1536:9GGDZLls32Ebc9KPW27X71Cqzg+sdlyR+4Y1vJqzR7b5KraOPy/5ULa2EUS3mBc8:LtLYc9Gg/OUhgR7ls/PG5UZ3

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  52e0c702bb8e232df84e5a20292050d44e5b4a0afbe603733497a05372692dd6
- Size
  
  201KB
- MD5
  
  670dd50055ab3b107a51654b9f4b637a
- SHA1
  
  710caae730d9ebd1b45789cca5fa21fe172ab49c
- SHA256
  
  52e0c702bb8e232df84e5a20292050d44e5b4a0afbe603733497a05372692dd6
- SHA512
  
  714d087dbbdc08734f6e309b0fbf6770fd978d913cf5c1865938989d1470d7abcd0a4f2565ecec2a6a04dd706ddc250aee9536f3271e6f6cb3ac41c050b54931
- SSDEEP
  
  1536:9GGDZLls32Ebc9KPW27X71Cqzg+sdlyR+4Y1vJqzR7b5KraOPy/5ULa2EUS3mBc8:LtLYc9Gg/OUhgR7ls/PG5UZ3
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan