smokeloader | 270a9981a33b767e23e9985fd9a87309c2867815b8d576f132f4e1035c78e857 | Triage

Sharing

General

Target

270a9981a33b767e23e9985fd9a87309c2867815b8d576f132f4e1035c78e857
Size

316KB
Sample

240807-mlwc4sxdkm
MD5

e4fb467c09ed5afcbb0954bf8cc4b1c3
SHA1

cf110aa2064ed5b4accc8123f2adb115a6fb3ee2
SHA256

270a9981a33b767e23e9985fd9a87309c2867815b8d576f132f4e1035c78e857
SHA512

c47879c3c086e6c361b1f9a62b7c4c2f055ef15709a6b8169a3b01abe3e4149c4a941bcf31eac2060ab2858150fbe5dc1703180104718baa4eb1de9f1c08f79a
SSDEEP

6144:5r9Zck3x+63xDTHCykBng2DsY0R2aqz+xBQmfT:N/ckB+gxDTitm2DsY0gaNL

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  270a9981a33b767e23e9985fd9a87309c2867815b8d576f132f4e1035c78e857
- Size
  
  316KB
- MD5
  
  e4fb467c09ed5afcbb0954bf8cc4b1c3
- SHA1
  
  cf110aa2064ed5b4accc8123f2adb115a6fb3ee2
- SHA256
  
  270a9981a33b767e23e9985fd9a87309c2867815b8d576f132f4e1035c78e857
- SHA512
  
  c47879c3c086e6c361b1f9a62b7c4c2f055ef15709a6b8169a3b01abe3e4149c4a941bcf31eac2060ab2858150fbe5dc1703180104718baa4eb1de9f1c08f79a
- SSDEEP
  
  6144:5r9Zck3x+63xDTHCykBng2DsY0R2aqz+xBQmfT:N/ckB+gxDTitm2DsY0gaNL
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan