smokeloader | ff0c9e04e6c0aab450bc46b106acb0c207e98b05d302cbac4169500251253ef1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff0c9e04e6c0aab450bc46b106acb0c207e98b05d302cbac4169500251253ef1
Size

316KB
Sample

240805-zbfacsxeml
MD5

4ef5b48787be9c32eafa0944b160be2b
SHA1

e870ed4d96a5b994f117dbc6c536206a23f4cbf4
SHA256

ff0c9e04e6c0aab450bc46b106acb0c207e98b05d302cbac4169500251253ef1
SHA512

9196b0f166074898a0227d76022fb32a05ab88afdfdb4a41382fba50c4a2fc3f7b02f3220e6864a206370c4585bc3137f9c22b690324d8496e816ad71f0e46b5
SSDEEP

3072:o5v7Izt4EfGmLsGYSNLPNdTa4+dP85PcOUFrhpLmX0t0LVLOtYyT0:48zCWLsTwLPNdiU5PcOUZmX0SxKtNT

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  ff0c9e04e6c0aab450bc46b106acb0c207e98b05d302cbac4169500251253ef1
- Size
  
  316KB
- MD5
  
  4ef5b48787be9c32eafa0944b160be2b
- SHA1
  
  e870ed4d96a5b994f117dbc6c536206a23f4cbf4
- SHA256
  
  ff0c9e04e6c0aab450bc46b106acb0c207e98b05d302cbac4169500251253ef1
- SHA512
  
  9196b0f166074898a0227d76022fb32a05ab88afdfdb4a41382fba50c4a2fc3f7b02f3220e6864a206370c4585bc3137f9c22b690324d8496e816ad71f0e46b5
- SSDEEP
  
  3072:o5v7Izt4EfGmLsGYSNLPNdTa4+dP85PcOUFrhpLmX0t0LVLOtYyT0:48zCWLsTwLPNdiU5PcOUZmX0SxKtNT
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan