smokeloader | 49dae48df6eb2d3c2d6797abaad154076ed25a8bf7f314081960db1c01a3aab4 | Triage

Sharing

General

Target

49dae48df6eb2d3c2d6797abaad154076ed25a8bf7f314081960db1c01a3aab4
Size

411KB
Sample

240811-l4bkzsvdpr
MD5

9ee8fb0e9dc702de36ebc8ddddbd3062
SHA1

2d8659f86cd7bf84719f2b1f961f90fb3edf3641
SHA256

49dae48df6eb2d3c2d6797abaad154076ed25a8bf7f314081960db1c01a3aab4
SHA512

b1da285b9119bdd5d9fac7d6f9f304532e917f1d95952f1958cdc672217b07586fc32018b95a4553b341831502e8965bce12b3ba8ef04bcfc01bac26fa6c2c4f
SSDEEP

6144:nvNugEhz0zNJSCiX05zQdynq+ZU7GA06+EuloYFEH:nv4Dhz0JM8USAIvE

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  49dae48df6eb2d3c2d6797abaad154076ed25a8bf7f314081960db1c01a3aab4
- Size
  
  411KB
- MD5
  
  9ee8fb0e9dc702de36ebc8ddddbd3062
- SHA1
  
  2d8659f86cd7bf84719f2b1f961f90fb3edf3641
- SHA256
  
  49dae48df6eb2d3c2d6797abaad154076ed25a8bf7f314081960db1c01a3aab4
- SHA512
  
  b1da285b9119bdd5d9fac7d6f9f304532e917f1d95952f1958cdc672217b07586fc32018b95a4553b341831502e8965bce12b3ba8ef04bcfc01bac26fa6c2c4f
- SSDEEP
  
  6144:nvNugEhz0zNJSCiX05zQdynq+ZU7GA06+EuloYFEH:nv4Dhz0JM8USAIvE
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan