smokeloader | 1c47f14208e7f0af2ce1e8a8f89f586292ebf71baed71081d4100cfdc98cfd64 | Triage

Sharing

General

Target

1c47f14208e7f0af2ce1e8a8f89f586292ebf71baed71081d4100cfdc98cfd64
Size

399KB
Sample

240815-ks9szazbjl
MD5

5e71ff1059428eb8aab7d14bd55632d3
SHA1

c7d617b29d57d1e2ff0c764735f215d2c6ffd1b1
SHA256

1c47f14208e7f0af2ce1e8a8f89f586292ebf71baed71081d4100cfdc98cfd64
SHA512

bbd6bde0692f103e78e8d5282b323b2bccc649ed40dcb3ab58d0a4213a5a8a8d2274bcf76213fd4204557b5327f3b97b260c16d1006a0e4958d6e03a6b081052
SSDEEP

6144:Ik04QHfLQcVQRP3VLdMhehccCdYu0rlDazyf1871T:IR4QH8cVQRPIcCdD0rlWuf187h

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  1c47f14208e7f0af2ce1e8a8f89f586292ebf71baed71081d4100cfdc98cfd64
- Size
  
  399KB
- MD5
  
  5e71ff1059428eb8aab7d14bd55632d3
- SHA1
  
  c7d617b29d57d1e2ff0c764735f215d2c6ffd1b1
- SHA256
  
  1c47f14208e7f0af2ce1e8a8f89f586292ebf71baed71081d4100cfdc98cfd64
- SHA512
  
  bbd6bde0692f103e78e8d5282b323b2bccc649ed40dcb3ab58d0a4213a5a8a8d2274bcf76213fd4204557b5327f3b97b260c16d1006a0e4958d6e03a6b081052
- SSDEEP
  
  6144:Ik04QHfLQcVQRP3VLdMhehccCdYu0rlDazyf1871T:IR4QH8cVQRPIcCdD0rlWuf187h
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan