smokeloader | d27a5d17f4d440749b52b3eec48a27cd58f508600ecb31f3911a48e0f88014a5 | Triage

Sharing

General

Target

d27a5d17f4d440749b52b3eec48a27cd58f508600ecb31f3911a48e0f88014a5.exe
Size

199KB
Sample

240820-vxtbwsthle
MD5

32239d1a6fa9040ab702fc3a457c78a9
SHA1

686934fef15d6c1a4430de02c1114afc3807ab81
SHA256

d27a5d17f4d440749b52b3eec48a27cd58f508600ecb31f3911a48e0f88014a5
SHA512

7cfbd1f9c63459ca4689dc4802b1e42aa5e06c2167a8643554e0ba8bfb57f7990f8c034c2eb86e9c001632cfdb3f1141820946738c2b00686f08c6bcda61fa25
SSDEEP

3072:6vLHoX/ghrpbYf4L7EKgWFs/kOBh5w6ve:qLHoPgzbYwL7Nx7Ge

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  d27a5d17f4d440749b52b3eec48a27cd58f508600ecb31f3911a48e0f88014a5.exe
- Size
  
  199KB
- MD5
  
  32239d1a6fa9040ab702fc3a457c78a9
- SHA1
  
  686934fef15d6c1a4430de02c1114afc3807ab81
- SHA256
  
  d27a5d17f4d440749b52b3eec48a27cd58f508600ecb31f3911a48e0f88014a5
- SHA512
  
  7cfbd1f9c63459ca4689dc4802b1e42aa5e06c2167a8643554e0ba8bfb57f7990f8c034c2eb86e9c001632cfdb3f1141820946738c2b00686f08c6bcda61fa25
- SSDEEP
  
  3072:6vLHoX/ghrpbYf4L7EKgWFs/kOBh5w6ve:qLHoPgzbYwL7Nx7Ge
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan