smokeloader | 2bfcce0011c6668b039656dd4afb8cf742007d77333a172ce997f65e310e28d9 | Triage

Sharing

General

Target

2bfcce0011c6668b039656dd4afb8cf742007d77333a172ce997f65e310e28d9
Size

214KB
Sample

240812-wtak2ssgkm
MD5

c172053724f575c8ea2179e747f3c5c5
SHA1

339274f1cd7137784969265f48847fbbecfa6d88
SHA256

2bfcce0011c6668b039656dd4afb8cf742007d77333a172ce997f65e310e28d9
SHA512

8012f744a5b28d83e5b42c5708a0839ebc0c0780c7f4c40a4903af0ee2743d1659a87e54b1e72958613bd6202d0fc13c744a91142ed61edea2d94f21c10f8329
SSDEEP

3072:YQxvdrLtwB6Hz6mECGhMRD9U1ybsEHe1qYl5Qs3c:3vdOKY7hcKNxt

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2bfcce0011c6668b039656dd4afb8cf742007d77333a172ce997f65e310e28d9
- Size
  
  214KB
- MD5
  
  c172053724f575c8ea2179e747f3c5c5
- SHA1
  
  339274f1cd7137784969265f48847fbbecfa6d88
- SHA256
  
  2bfcce0011c6668b039656dd4afb8cf742007d77333a172ce997f65e310e28d9
- SHA512
  
  8012f744a5b28d83e5b42c5708a0839ebc0c0780c7f4c40a4903af0ee2743d1659a87e54b1e72958613bd6202d0fc13c744a91142ed61edea2d94f21c10f8329
- SSDEEP
  
  3072:YQxvdrLtwB6Hz6mECGhMRD9U1ybsEHe1qYl5Qs3c:3vdOKY7hcKNxt
Score

10^/10

smokeloader pub1 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoordiscoverytrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan