smokeloader | cea95f7ded9ebbdd3e872322b6dead1b664d32aea6431b409db168e9d40ed8e9 | Triage

Sharing

General

Target

cea95f7ded9ebbdd3e872322b6dead1b664d32aea6431b409db168e9d40ed8e9
Size

413KB
Sample

240813-pq3dbsybkk
MD5

4c919e1ebcbde6288dae66e010c183e7
SHA1

c462863ea5d27bc897270da36c910c3e24256821
SHA256

cea95f7ded9ebbdd3e872322b6dead1b664d32aea6431b409db168e9d40ed8e9
SHA512

a63c091a6557f678baf6ccd038db46eafabd122aeb69729ea7ac2b658be5c55c201ea67b6ef903b425b66d43c6800f671e715ccb467adbf50144c486c89dd5f7
SSDEEP

6144:MS/WDoMCdlJRLJYffiPHU7zIgE8FBso62ifDmjB8kC6BurT:duDoMCdDRLOAHUnIT8FBso6HW8KG

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  cea95f7ded9ebbdd3e872322b6dead1b664d32aea6431b409db168e9d40ed8e9
- Size
  
  413KB
- MD5
  
  4c919e1ebcbde6288dae66e010c183e7
- SHA1
  
  c462863ea5d27bc897270da36c910c3e24256821
- SHA256
  
  cea95f7ded9ebbdd3e872322b6dead1b664d32aea6431b409db168e9d40ed8e9
- SHA512
  
  a63c091a6557f678baf6ccd038db46eafabd122aeb69729ea7ac2b658be5c55c201ea67b6ef903b425b66d43c6800f671e715ccb467adbf50144c486c89dd5f7
- SSDEEP
  
  6144:MS/WDoMCdlJRLJYffiPHU7zIgE8FBso62ifDmjB8kC6BurT:duDoMCdDRLOAHUnIT8FBso6HW8KG
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan