smokeloader | 945216c6ef3b2f1b375ccb34319f8fa67dd24d170ece1187f144550580b6434b | Triage

Sharing

General

Target

945216c6ef3b2f1b375ccb34319f8fa67dd24d170ece1187f144550580b6434b
Size

208KB
Sample

240821-25qz3azbkn
MD5

1e2b96c3fb009278d5d74fc99cc45600
SHA1

718261633014224c2153ec72676433a049303498
SHA256

945216c6ef3b2f1b375ccb34319f8fa67dd24d170ece1187f144550580b6434b
SHA512

96342446b4ce8c2ad00e11c3fbd942596b6ee466063dab5f81ca79d3fd2a2c40a7f408327102c8f6187870c465485e75f4729eac4f473e941151e28c184c7479
SSDEEP

1536:pX8/UYgyW3gmxr26fQpuX6oVNOYscGR3+wVQeLSiiAmOkAQVLtERaeLj2wkWp45u:pXlgMQuX6/hT3lTSpNOeGPgW+5SNztM

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  945216c6ef3b2f1b375ccb34319f8fa67dd24d170ece1187f144550580b6434b
- Size
  
  208KB
- MD5
  
  1e2b96c3fb009278d5d74fc99cc45600
- SHA1
  
  718261633014224c2153ec72676433a049303498
- SHA256
  
  945216c6ef3b2f1b375ccb34319f8fa67dd24d170ece1187f144550580b6434b
- SHA512
  
  96342446b4ce8c2ad00e11c3fbd942596b6ee466063dab5f81ca79d3fd2a2c40a7f408327102c8f6187870c465485e75f4729eac4f473e941151e28c184c7479
- SSDEEP
  
  1536:pX8/UYgyW3gmxr26fQpuX6oVNOYscGR3+wVQeLSiiAmOkAQVLtERaeLj2wkWp45u:pXlgMQuX6/hT3lTSpNOeGPgW+5SNztM
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan