smokeloader | 3b6ea97b0f93b9342efc28ca5231c897cd9c22992fb31e540d6eb0b02bbc1613 | Triage

Sharing

General

Target

3b6ea97b0f93b9342efc28ca5231c897cd9c22992fb31e540d6eb0b02bbc1613.exe
Size

214KB
Sample

240820-bl2z4swelc
MD5

ef3415323bc6cda3205fbd617cf2aae2
SHA1

7fdd7ddcaaa83b556463af95af3193f4880e7313
SHA256

3b6ea97b0f93b9342efc28ca5231c897cd9c22992fb31e540d6eb0b02bbc1613
SHA512

a4c9a4c93850e7700b1043d90ebdad62a022cb14e133b8836a44eece629ecf5f811cce4d8688888d2ea45773cf19afb424cb2600e979e50b3a16521c798c000b
SSDEEP

3072:+qLubVGYMB2vdwtGmHGdhGmD0tF5HkYHw5tp5H1:ZLsVGtNYmHClD0tnkT

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  3b6ea97b0f93b9342efc28ca5231c897cd9c22992fb31e540d6eb0b02bbc1613.exe
- Size
  
  214KB
- MD5
  
  ef3415323bc6cda3205fbd617cf2aae2
- SHA1
  
  7fdd7ddcaaa83b556463af95af3193f4880e7313
- SHA256
  
  3b6ea97b0f93b9342efc28ca5231c897cd9c22992fb31e540d6eb0b02bbc1613
- SHA512
  
  a4c9a4c93850e7700b1043d90ebdad62a022cb14e133b8836a44eece629ecf5f811cce4d8688888d2ea45773cf19afb424cb2600e979e50b3a16521c798c000b
- SSDEEP
  
  3072:+qLubVGYMB2vdwtGmHGdhGmD0tF5HkYHw5tp5H1:ZLsVGtNYmHClD0tnkT
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan