smokeloader | c56819fdba554654b202cf25c3d2ee843e5eadeccefd7666ed43c98708b2a417 | Triage

Sharing

General

Target

c56819fdba554654b202cf25c3d2ee843e5eadeccefd7666ed43c98708b2a417
Size

382KB
Sample

240815-1cqyxszenk
MD5

dd51ea9144e53a5908f662e52fe5b81b
SHA1

7eb382f603fd752250a599fffc7a013fe9a446ea
SHA256

c56819fdba554654b202cf25c3d2ee843e5eadeccefd7666ed43c98708b2a417
SHA512

65f02ae90c3f29f050cfb1e053ed7215dd04bf5795cc596a298daa46735ea298c1f8ed3668e2d9f58a72f701f6f2ba3e5a87943d006fa162d1fbacc9f120b6cd
SSDEEP

6144:/FSv/9fRwOLyJ5R7/CJ9B0o3GypRdqgrXL/8QHzpN5Xy4:NSv/9fKOLC7/C3B0oWsT9rX33C

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  c56819fdba554654b202cf25c3d2ee843e5eadeccefd7666ed43c98708b2a417
- Size
  
  382KB
- MD5
  
  dd51ea9144e53a5908f662e52fe5b81b
- SHA1
  
  7eb382f603fd752250a599fffc7a013fe9a446ea
- SHA256
  
  c56819fdba554654b202cf25c3d2ee843e5eadeccefd7666ed43c98708b2a417
- SHA512
  
  65f02ae90c3f29f050cfb1e053ed7215dd04bf5795cc596a298daa46735ea298c1f8ed3668e2d9f58a72f701f6f2ba3e5a87943d006fa162d1fbacc9f120b6cd
- SSDEEP
  
  6144:/FSv/9fRwOLyJ5R7/CJ9B0o3GypRdqgrXL/8QHzpN5Xy4:NSv/9fKOLC7/C3B0oWsT9rX33C
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan