smokeloader | d0d022488b46b06980b4f29ced411e1cc80ffc1071f0f9c6cc4b80abf611c140 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0d022488b46b06980b4f29ced411e1cc80ffc1071f0f9c6cc4b80abf611c140
Size

317KB
Sample

240807-gf6n1awcnc
MD5

0bc7e775dcd06a169ba3639a5fc6a0c9
SHA1

b6e5aed8c3512cd4a8f4cfc2830c2881129ca9a0
SHA256

d0d022488b46b06980b4f29ced411e1cc80ffc1071f0f9c6cc4b80abf611c140
SHA512

51bb00461a0510fb6e5e84638cee907eaf07689626dfa5c87d88269d5276d37d22d6f2f456431a9bc2f51e7273eea1f4f50c440441752f81cd67e41e0789b4d4
SSDEEP

3072:OGFkuLPs4xnWfRiO7SBwe87I6fkqIoVX8lAhEO5VqCRuLdTgCRVhqin9RTT:KOPBQRi4AweUvrIoVsshSn5MghL3T

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  d0d022488b46b06980b4f29ced411e1cc80ffc1071f0f9c6cc4b80abf611c140
- Size
  
  317KB
- MD5
  
  0bc7e775dcd06a169ba3639a5fc6a0c9
- SHA1
  
  b6e5aed8c3512cd4a8f4cfc2830c2881129ca9a0
- SHA256
  
  d0d022488b46b06980b4f29ced411e1cc80ffc1071f0f9c6cc4b80abf611c140
- SHA512
  
  51bb00461a0510fb6e5e84638cee907eaf07689626dfa5c87d88269d5276d37d22d6f2f456431a9bc2f51e7273eea1f4f50c440441752f81cd67e41e0789b4d4
- SSDEEP
  
  3072:OGFkuLPs4xnWfRiO7SBwe87I6fkqIoVX8lAhEO5VqCRuLdTgCRVhqin9RTT:KOPBQRi4AweUvrIoVsshSn5MghL3T
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan