smokeloader | d3e138b03be305d34d6ee21c5f4cc4d496ff447601ffb71508e23e580bd50e7c | Triage

Sharing

General

Target

d3e138b03be305d34d6ee21c5f4cc4d496ff447601ffb71508e23e580bd50e7c.exe
Size

263KB
Sample

240820-cfczgasbpj
MD5

f0acef7e2d7b1a8d231fe6015ba8ece8
SHA1

a5a75364df3e731f629d85db72945798c14692f2
SHA256

d3e138b03be305d34d6ee21c5f4cc4d496ff447601ffb71508e23e580bd50e7c
SHA512

a321d94b52151fa8807c4906d4eb0e09e80d862d882d64322a99c4029e1a23088623bd9c5ed3db207526010121b107ca5615e28554d4779f2adf6966d0cc3873
SSDEEP

3072:g7BLqLlNkHGhJQm+04DLPkpVYi300gQDjHU5klN+LkNoCGwP6:vh7+VX8DzLSkNoCG

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  d3e138b03be305d34d6ee21c5f4cc4d496ff447601ffb71508e23e580bd50e7c.exe
- Size
  
  263KB
- MD5
  
  f0acef7e2d7b1a8d231fe6015ba8ece8
- SHA1
  
  a5a75364df3e731f629d85db72945798c14692f2
- SHA256
  
  d3e138b03be305d34d6ee21c5f4cc4d496ff447601ffb71508e23e580bd50e7c
- SHA512
  
  a321d94b52151fa8807c4906d4eb0e09e80d862d882d64322a99c4029e1a23088623bd9c5ed3db207526010121b107ca5615e28554d4779f2adf6966d0cc3873
- SSDEEP
  
  3072:g7BLqLlNkHGhJQm+04DLPkpVYi300gQDjHU5klN+LkNoCGwP6:vh7+VX8DzLSkNoCG
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan