smokeloader | c8ccf8b32c332d808a61c0bee294cdac7a6986b84ef8eafb138f89d1c26e336f | Triage

Sharing

General

Target

c8ccf8b32c332d808a61c0bee294cdac7a6986b84ef8eafb138f89d1c26e336f
Size

258KB
Sample

240816-2npexasalh
MD5

ceac8d4078729600ce820b97678f04ac
SHA1

732599c393f5e96e34f20627e535f1a3353ea617
SHA256

c8ccf8b32c332d808a61c0bee294cdac7a6986b84ef8eafb138f89d1c26e336f
SHA512

b13fe49a39fcb3bd9660bc4cc1bb073dc5a82c3b4757e3e0c7288e74ca1ee2860c4e96130ec642ae8c4539cb909d8cc48f5addce8f0559b3a2dc042e815ab788
SSDEEP

3072:TTBUkLTMD6nLnWQTzAPwaHn9pMo5sTfCT7Ljn8Rn8Lr:g+LnW2zqrHHWKrj8J8L

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  c8ccf8b32c332d808a61c0bee294cdac7a6986b84ef8eafb138f89d1c26e336f
- Size
  
  258KB
- MD5
  
  ceac8d4078729600ce820b97678f04ac
- SHA1
  
  732599c393f5e96e34f20627e535f1a3353ea617
- SHA256
  
  c8ccf8b32c332d808a61c0bee294cdac7a6986b84ef8eafb138f89d1c26e336f
- SHA512
  
  b13fe49a39fcb3bd9660bc4cc1bb073dc5a82c3b4757e3e0c7288e74ca1ee2860c4e96130ec642ae8c4539cb909d8cc48f5addce8f0559b3a2dc042e815ab788
- SSDEEP
  
  3072:TTBUkLTMD6nLnWQTzAPwaHn9pMo5sTfCT7Ljn8Rn8Lr:g+LnW2zqrHHWKrj8J8L
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan