smokeloader | d66433c02e64994748388324ef08e19ba53bdf553fbcee3c3a9f6981ce4a68c4 | Triage

Sharing

General

Target

d66433c02e64994748388324ef08e19ba53bdf553fbcee3c3a9f6981ce4a68c4.exe
Size

210KB
Sample

240820-cgdbmaybqe
MD5

1cbcaf465e4063b7cf375b8aac42d2ed
SHA1

f22752d750205ff805a96fdfd7cfa8f440074b7a
SHA256

d66433c02e64994748388324ef08e19ba53bdf553fbcee3c3a9f6981ce4a68c4
SHA512

e385340138649ba8ed73f7bddf329e3fe943d49e131a0267963ae6a46e2ff229c7f83e4b1c7312442355a3663e5daddb63a76b0f376a2439a36f12186b8d2dc5
SSDEEP

3072:jPLAyxNLy8fjpw0uFSkiKkLcFRQv5Alf:jLAyxhy8bTG26hf

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  d66433c02e64994748388324ef08e19ba53bdf553fbcee3c3a9f6981ce4a68c4.exe
- Size
  
  210KB
- MD5
  
  1cbcaf465e4063b7cf375b8aac42d2ed
- SHA1
  
  f22752d750205ff805a96fdfd7cfa8f440074b7a
- SHA256
  
  d66433c02e64994748388324ef08e19ba53bdf553fbcee3c3a9f6981ce4a68c4
- SHA512
  
  e385340138649ba8ed73f7bddf329e3fe943d49e131a0267963ae6a46e2ff229c7f83e4b1c7312442355a3663e5daddb63a76b0f376a2439a36f12186b8d2dc5
- SSDEEP
  
  3072:jPLAyxNLy8fjpw0uFSkiKkLcFRQv5Alf:jLAyxhy8bTG26hf
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan