smokeloader | 71853baaa2420d5057974858407a219e296284856d65f265f373f8487c8d6184 | Triage

Sharing

General

Target

71853baaa2420d5057974858407a219e296284856d65f265f373f8487c8d6184
Size

264KB
Sample

240802-bgwmja1elc
MD5

fa92c0b3e1751343a82f603d1d064d19
SHA1

97991882d596f69d59577c7895dcce7eecab0b2a
SHA256

71853baaa2420d5057974858407a219e296284856d65f265f373f8487c8d6184
SHA512

f2d6ce8a1537a0d89cd6873881dd2aff5e37a69f4714b7361162215e9c0e2ef69bf9d6e192f69a722060c34bd0846f349401d59d39d987310ac2a6df06a72b92
SSDEEP

3072:m6ZJOct+kKntNQ7wOEbYGxXDtSgW2H3FEqcrGxED+YrzEvLq/TB:5QJtIwOIYgjH1RJ6+YfEe/T

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  71853baaa2420d5057974858407a219e296284856d65f265f373f8487c8d6184
- Size
  
  264KB
- MD5
  
  fa92c0b3e1751343a82f603d1d064d19
- SHA1
  
  97991882d596f69d59577c7895dcce7eecab0b2a
- SHA256
  
  71853baaa2420d5057974858407a219e296284856d65f265f373f8487c8d6184
- SHA512
  
  f2d6ce8a1537a0d89cd6873881dd2aff5e37a69f4714b7361162215e9c0e2ef69bf9d6e192f69a722060c34bd0846f349401d59d39d987310ac2a6df06a72b92
- SSDEEP
  
  3072:m6ZJOct+kKntNQ7wOEbYGxXDtSgW2H3FEqcrGxED+YrzEvLq/TB:5QJtIwOIYgjH1RJ6+YfEe/T
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan