smokeloader | 86984fb491bb37d8eb634274fb22ca8414ee7f6237401eb5a873a78460f79e9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86984fb491bb37d8eb634274fb22ca8414ee7f6237401eb5a873a78460f79e9f
Size

257KB
Sample

240802-3zqb1swbml
MD5

0a3357f78ca1a0df6a5a96973b358585
SHA1

59365c850e5f64215bcc109965a6f3c120bbd53a
SHA256

86984fb491bb37d8eb634274fb22ca8414ee7f6237401eb5a873a78460f79e9f
SHA512

26afe90240abec3d024815750ece015b4a9a487c93875a81bdaee85687f72ffa563bac69539d42f4c5be2263490bf3095d3247c4632037b35425306c40659442
SSDEEP

3072:434empBRnI1fbnpLlvTz5wL5S5pDJiPz3fyJ23eJK2h23Tl:EgRnI1fbnJlhwVS/JJ23H2Q3T

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  86984fb491bb37d8eb634274fb22ca8414ee7f6237401eb5a873a78460f79e9f
- Size
  
  257KB
- MD5
  
  0a3357f78ca1a0df6a5a96973b358585
- SHA1
  
  59365c850e5f64215bcc109965a6f3c120bbd53a
- SHA256
  
  86984fb491bb37d8eb634274fb22ca8414ee7f6237401eb5a873a78460f79e9f
- SHA512
  
  26afe90240abec3d024815750ece015b4a9a487c93875a81bdaee85687f72ffa563bac69539d42f4c5be2263490bf3095d3247c4632037b35425306c40659442
- SSDEEP
  
  3072:434empBRnI1fbnpLlvTz5wL5S5pDJiPz3fyJ23eJK2h23Tl:EgRnI1fbnJlhwVS/JJ23H2Q3T
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan