smokeloader | 97ba5bd2800a3fd8966ffc001dea1439902d5d25ab9f54f918c5cbf78176ef92 | Triage

Sharing

General

Target

97ba5bd2800a3fd8966ffc001dea1439902d5d25ab9f54f918c5cbf78176ef92
Size

413KB
Sample

240813-fb2zkszcpk
MD5

b18d7d132ca28912b8bb3823981154ed
SHA1

d3f32956d34b58cbad917062ca50c10bc652edb7
SHA256

97ba5bd2800a3fd8966ffc001dea1439902d5d25ab9f54f918c5cbf78176ef92
SHA512

d707d8d1ab6bbb11e23a756041c753590847dea567d328faad4c8bb32cf2ed489f73b4f296d60cfba5c7ce84da1deeb27ce507bf251a0910f73efd8655bedd6b
SSDEEP

6144:dN0myEUE4Q7Xp+xOI1IlPNH2X7rn9v37SfC6BurT:nfyEUE4Q7XpQ1IdNH2/n9vUG

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  97ba5bd2800a3fd8966ffc001dea1439902d5d25ab9f54f918c5cbf78176ef92
- Size
  
  413KB
- MD5
  
  b18d7d132ca28912b8bb3823981154ed
- SHA1
  
  d3f32956d34b58cbad917062ca50c10bc652edb7
- SHA256
  
  97ba5bd2800a3fd8966ffc001dea1439902d5d25ab9f54f918c5cbf78176ef92
- SHA512
  
  d707d8d1ab6bbb11e23a756041c753590847dea567d328faad4c8bb32cf2ed489f73b4f296d60cfba5c7ce84da1deeb27ce507bf251a0910f73efd8655bedd6b
- SSDEEP
  
  6144:dN0myEUE4Q7Xp+xOI1IlPNH2X7rn9v37SfC6BurT:nfyEUE4Q7XpQ1IdNH2/n9vUG
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan