smokeloader | f6bc65c8e5c6de289adbf95f62e70b54fa68b9d66637c2d74fbf3c683c528ab7 | Triage

Sharing

General

Target

f6bc65c8e5c6de289adbf95f62e70b54fa68b9d66637c2d74fbf3c683c528ab7
Size

382KB
Sample

240815-wn9sysvhrg
MD5

680a00c47174704d357c49882ab5e9cc
SHA1

2caeb4f094e23a7ee141f66ce238177b3064228f
SHA256

f6bc65c8e5c6de289adbf95f62e70b54fa68b9d66637c2d74fbf3c683c528ab7
SHA512

29bc65a1098af90857f5ccc6c47ba550338574742896ffe1f6fbca010df811c777266860480d11a4c77feac291f7b53a0063beb9c18304ba8e6babdf36be6485
SSDEEP

6144:AFoO6J9bRj9Lvl6UyugAKfuZ1a4BcustnA7SrVn77oKg2:AD6J9bB9LvlnylAPZw4BcfWS1cKV

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  f6bc65c8e5c6de289adbf95f62e70b54fa68b9d66637c2d74fbf3c683c528ab7
- Size
  
  382KB
- MD5
  
  680a00c47174704d357c49882ab5e9cc
- SHA1
  
  2caeb4f094e23a7ee141f66ce238177b3064228f
- SHA256
  
  f6bc65c8e5c6de289adbf95f62e70b54fa68b9d66637c2d74fbf3c683c528ab7
- SHA512
  
  29bc65a1098af90857f5ccc6c47ba550338574742896ffe1f6fbca010df811c777266860480d11a4c77feac291f7b53a0063beb9c18304ba8e6babdf36be6485
- SSDEEP
  
  6144:AFoO6J9bRj9Lvl6UyugAKfuZ1a4BcustnA7SrVn77oKg2:AD6J9bB9LvlnylAPZw4BcfWS1cKV
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan