smokeloader | 8a6ce1117d32bfbe41ebb7ae6a3c0054e7697f8191f39a08c654f05ffcaedeb8 | Triage

Sharing

General

Target

8a6ce1117d32bfbe41ebb7ae6a3c0054e7697f8191f39a08c654f05ffcaedeb8
Size

215KB
Sample

240812-vfz34szgkn
MD5

e918276cc24227cc9179c2b510160192
SHA1

671c661d7f321eb4c38f83ba0fcd376c80fa1445
SHA256

8a6ce1117d32bfbe41ebb7ae6a3c0054e7697f8191f39a08c654f05ffcaedeb8
SHA512

f61f95fb36e4a637774220a76785f7c25bd134a1a57447f24618ce78ca744e932afac0aa58503d77f7a829debb830986542588b060b1cadd9d89f657e9c1fefa
SSDEEP

3072:y+xvdrLtwB7KINbcToHCNxyIJXelHZ2Y/523c:7vdOsybeoiNMIJXcE

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  8a6ce1117d32bfbe41ebb7ae6a3c0054e7697f8191f39a08c654f05ffcaedeb8
- Size
  
  215KB
- MD5
  
  e918276cc24227cc9179c2b510160192
- SHA1
  
  671c661d7f321eb4c38f83ba0fcd376c80fa1445
- SHA256
  
  8a6ce1117d32bfbe41ebb7ae6a3c0054e7697f8191f39a08c654f05ffcaedeb8
- SHA512
  
  f61f95fb36e4a637774220a76785f7c25bd134a1a57447f24618ce78ca744e932afac0aa58503d77f7a829debb830986542588b060b1cadd9d89f657e9c1fefa
- SSDEEP
  
  3072:y+xvdrLtwB7KINbcToHCNxyIJXelHZ2Y/523c:7vdOsybeoiNMIJXcE
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan