smokeloader | 49fb75ea3f7de2eb2e28d0441bdbe7c1c90a458064ed567d2c0d734d0fec2b30 | Triage

Sharing

General

Target

49fb75ea3f7de2eb2e28d0441bdbe7c1c90a458064ed567d2c0d734d0fec2b30
Size

414KB
Sample

240813-qey27szdrm
MD5

5e4b15d114a6f8a1e84e44c0f1b688f6
SHA1

9d984bf2abe2f9dce725ddc9eae0eb4f59be6a14
SHA256

49fb75ea3f7de2eb2e28d0441bdbe7c1c90a458064ed567d2c0d734d0fec2b30
SHA512

dedcdda24b29234f4bbf398fead7a4b6b240dc2599937e5440d84ea38b5dddcfadf8a87ab85b0e0de1111e8b37082cceb1ff10ca2bb8be918e0ce48b371a89dd
SSDEEP

6144:zYxutpekdmbaXDkeaXsXbv/LAZohjpFdNZPOZKnIRsXUxT:sUtpekdmbazxaXs0uvNxOZKnIRP

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  49fb75ea3f7de2eb2e28d0441bdbe7c1c90a458064ed567d2c0d734d0fec2b30
- Size
  
  414KB
- MD5
  
  5e4b15d114a6f8a1e84e44c0f1b688f6
- SHA1
  
  9d984bf2abe2f9dce725ddc9eae0eb4f59be6a14
- SHA256
  
  49fb75ea3f7de2eb2e28d0441bdbe7c1c90a458064ed567d2c0d734d0fec2b30
- SHA512
  
  dedcdda24b29234f4bbf398fead7a4b6b240dc2599937e5440d84ea38b5dddcfadf8a87ab85b0e0de1111e8b37082cceb1ff10ca2bb8be918e0ce48b371a89dd
- SSDEEP
  
  6144:zYxutpekdmbaXDkeaXsXbv/LAZohjpFdNZPOZKnIRsXUxT:sUtpekdmbazxaXs0uvNxOZKnIRP
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan