smokeloader | edf20ee240507ae1f49a20f8d20deee11484c013150d6d57ae1fe8ff69e0f8d5 | Triage

Sharing

General

Target

edf20ee240507ae1f49a20f8d20deee11484c013150d6d57ae1fe8ff69e0f8d5.exe
Size

249KB
Sample

240820-v3y5bsvbmh
MD5

a4dcc4c43300258b95a84234c667e89e
SHA1

53b9bc774b1e6b2079ccdbc6dd46bdcd45a13364
SHA256

edf20ee240507ae1f49a20f8d20deee11484c013150d6d57ae1fe8ff69e0f8d5
SHA512

08e0adae7f131ea8e93929cd37ea2d06d84f3b0da5a5bc68596f84bbfc3b7a0011a653104d14a7d5747ac2da10bf74c9996e18199ca6b57d32ffd73cebad5238
SSDEEP

3072:sGO9Lh4MEJGDcAEyWxzzFo1kGRrk5EKk0JUpVn:0I9JGD9EyWdz2zm

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  edf20ee240507ae1f49a20f8d20deee11484c013150d6d57ae1fe8ff69e0f8d5.exe
- Size
  
  249KB
- MD5
  
  a4dcc4c43300258b95a84234c667e89e
- SHA1
  
  53b9bc774b1e6b2079ccdbc6dd46bdcd45a13364
- SHA256
  
  edf20ee240507ae1f49a20f8d20deee11484c013150d6d57ae1fe8ff69e0f8d5
- SHA512
  
  08e0adae7f131ea8e93929cd37ea2d06d84f3b0da5a5bc68596f84bbfc3b7a0011a653104d14a7d5747ac2da10bf74c9996e18199ca6b57d32ffd73cebad5238
- SSDEEP
  
  3072:sGO9Lh4MEJGDcAEyWxzzFo1kGRrk5EKk0JUpVn:0I9JGD9EyWdz2zm
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan