smokeloader | 1c74be698ed0fe2b6381e8c970411fc0721a9a48e74c466719abf8e803b18685 | Triage

Sharing

General

Target

1c74be698ed0fe2b6381e8c970411fc0721a9a48e74c466719abf8e803b18685.exe
Size

200KB
Sample

240821-bk6lxawfqn
MD5

92a3b7891e06ee2fc6fd8775aea0e861
SHA1

6fc50c4729345ae708c5927d832409804d6d47da
SHA256

1c74be698ed0fe2b6381e8c970411fc0721a9a48e74c466719abf8e803b18685
SHA512

591c4b8fda3323e75f0550f76fea5fc38d11bc0c1884f2959026c074a53a5ca1ab1b839b7a2832e0b9a2af77f33290623fb86fb6e5b3e4ccf664831150ca7875
SSDEEP

3072:gaLl4gr97EoSzrXSRRFulYx/1115OjXTh:gaLl4gr97EoyrXSRFuth

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  1c74be698ed0fe2b6381e8c970411fc0721a9a48e74c466719abf8e803b18685.exe
- Size
  
  200KB
- MD5
  
  92a3b7891e06ee2fc6fd8775aea0e861
- SHA1
  
  6fc50c4729345ae708c5927d832409804d6d47da
- SHA256
  
  1c74be698ed0fe2b6381e8c970411fc0721a9a48e74c466719abf8e803b18685
- SHA512
  
  591c4b8fda3323e75f0550f76fea5fc38d11bc0c1884f2959026c074a53a5ca1ab1b839b7a2832e0b9a2af77f33290623fb86fb6e5b3e4ccf664831150ca7875
- SSDEEP
  
  3072:gaLl4gr97EoSzrXSRRFulYx/1115OjXTh:gaLl4gr97EoyrXSRFuth
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan