smokeloader | d1abb50ea4d533a3e57b99e347d5d8675896ce23576987edcc9c3426ffb0c380 | Triage

Sharing

General

Target

d1abb50ea4d533a3e57b99e347d5d8675896ce23576987edcc9c3426ffb0c380.exe
Size

208KB
Sample

240823-c8q2sstenk
MD5

979951c8de45460fff2197797b54aa1e
SHA1

64736caebb69bab6f2fdd6549c6bec9454d8132d
SHA256

d1abb50ea4d533a3e57b99e347d5d8675896ce23576987edcc9c3426ffb0c380
SHA512

6984dde3bbc3483141e3cb475c2dcee83d08180215263077d678f2c6f13e912d0a0ab51ceb0299ea7af18ed166c6e9323380e03b92ce73e5c15b4cd86e803fe8
SSDEEP

1536:Mb83IHUaGDgtlvQpVCkIPbJqMzxnVYt6/27RSYNHtEKOBLj25kvfB5xPO61N4mDg:MbBFnWwkIjAMznL/2zipzv55o64c6tM

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  d1abb50ea4d533a3e57b99e347d5d8675896ce23576987edcc9c3426ffb0c380.exe
- Size
  
  208KB
- MD5
  
  979951c8de45460fff2197797b54aa1e
- SHA1
  
  64736caebb69bab6f2fdd6549c6bec9454d8132d
- SHA256
  
  d1abb50ea4d533a3e57b99e347d5d8675896ce23576987edcc9c3426ffb0c380
- SHA512
  
  6984dde3bbc3483141e3cb475c2dcee83d08180215263077d678f2c6f13e912d0a0ab51ceb0299ea7af18ed166c6e9323380e03b92ce73e5c15b4cd86e803fe8
- SSDEEP
  
  1536:Mb83IHUaGDgtlvQpVCkIPbJqMzxnVYt6/27RSYNHtEKOBLj25kvfB5xPO61N4mDg:MbBFnWwkIjAMznL/2zipzv55o64c6tM
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan