smokeloader | 295541b770ee3873d47f03525ff821c20b2543dd2af4c5e5fb1aa1369ee987ef | Triage

Sharing

General

Target

295541b770ee3873d47f03525ff821c20b2543dd2af4c5e5fb1aa1369ee987ef.exe
Size

215KB
Sample

240821-bpv1zatake
MD5

5d831cc9a1f0d0373c115a4211718bb9
SHA1

843a5d61efe3323266a07678cbbe711527199313
SHA256

295541b770ee3873d47f03525ff821c20b2543dd2af4c5e5fb1aa1369ee987ef
SHA512

436c0190964db2a2e73e36d77e78fb9139b718e76707afd4a6c41770e01f07fcb413ac47ab3735b69dad3125d90984caba0c8a2649c6c8b50e3cf8830abe19a9
SSDEEP

3072:S4Ahcr4E2HPaXa3n1jL7yRIAMW5MWB5NpO3c:Sm2HgaX1XyRI6JpO

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  295541b770ee3873d47f03525ff821c20b2543dd2af4c5e5fb1aa1369ee987ef.exe
- Size
  
  215KB
- MD5
  
  5d831cc9a1f0d0373c115a4211718bb9
- SHA1
  
  843a5d61efe3323266a07678cbbe711527199313
- SHA256
  
  295541b770ee3873d47f03525ff821c20b2543dd2af4c5e5fb1aa1369ee987ef
- SHA512
  
  436c0190964db2a2e73e36d77e78fb9139b718e76707afd4a6c41770e01f07fcb413ac47ab3735b69dad3125d90984caba0c8a2649c6c8b50e3cf8830abe19a9
- SSDEEP
  
  3072:S4Ahcr4E2HPaXa3n1jL7yRIAMW5MWB5NpO3c:Sm2HgaX1XyRI6JpO
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan