smokeloader | 71b4334b5a947ba785b626bb2e7bad94da7af1efcb1d11b1d860d1bff0249dde | Triage

Sharing

General

Target

71b4334b5a947ba785b626bb2e7bad94da7af1efcb1d11b1d860d1bff0249dde.exe
Size

198KB
Sample

240820-bzl6taxbra
MD5

80ee873da2eca8b159dad763964e1535
SHA1

94db181c467e74d158edddf4ef248e282a0a719f
SHA256

71b4334b5a947ba785b626bb2e7bad94da7af1efcb1d11b1d860d1bff0249dde
SHA512

8aff3dfe5190e12cd740d9be0de1d6ca331ca6b80766c3112f7befb02d91c5c26d1845d20481f511351ac56733a94346a7fefc339c95e726a8885c60973f139d
SSDEEP

3072:ALPHH9M2PuZaX6gNtLlBdSC2EvASCcM25diY:ALPHH9M2oI6gNtPl2FTY

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  71b4334b5a947ba785b626bb2e7bad94da7af1efcb1d11b1d860d1bff0249dde.exe
- Size
  
  198KB
- MD5
  
  80ee873da2eca8b159dad763964e1535
- SHA1
  
  94db181c467e74d158edddf4ef248e282a0a719f
- SHA256
  
  71b4334b5a947ba785b626bb2e7bad94da7af1efcb1d11b1d860d1bff0249dde
- SHA512
  
  8aff3dfe5190e12cd740d9be0de1d6ca331ca6b80766c3112f7befb02d91c5c26d1845d20481f511351ac56733a94346a7fefc339c95e726a8885c60973f139d
- SSDEEP
  
  3072:ALPHH9M2PuZaX6gNtLlBdSC2EvASCcM25diY:ALPHH9M2oI6gNtPl2FTY
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan