smokeloader | acc17deb417db03958118c1ac08156e0fca081605b909644523dd3fa887cf674 | Triage

Sharing

General

Target

acc17deb417db03958118c1ac08156e0fca081605b909644523dd3fa887cf674.exe
Size

208KB
Sample

240823-cytpya1bmh
MD5

655a5965f6358d8391e18cff5e600815
SHA1

14d41b08cc0608ad1f455174f58a281f44171514
SHA256

acc17deb417db03958118c1ac08156e0fca081605b909644523dd3fa887cf674
SHA512

f95ea69fce21596f3adef59031bb8455a47ade00769fe451f39ccc502d3ff86ab20434dd7c038e7105ee4f54641dc17560ee3b6a320aacaabc6496d7815916a5
SSDEEP

1536:FHsTyQCmnQdNTTA8svX5jsWaH2e5M6KvApxLeBFAr9PfN0911LT2BkWq45oOxe2g:FH7vdTAvXBYrMr/QVqBDWh5oWeLO6tM

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  acc17deb417db03958118c1ac08156e0fca081605b909644523dd3fa887cf674.exe
- Size
  
  208KB
- MD5
  
  655a5965f6358d8391e18cff5e600815
- SHA1
  
  14d41b08cc0608ad1f455174f58a281f44171514
- SHA256
  
  acc17deb417db03958118c1ac08156e0fca081605b909644523dd3fa887cf674
- SHA512
  
  f95ea69fce21596f3adef59031bb8455a47ade00769fe451f39ccc502d3ff86ab20434dd7c038e7105ee4f54641dc17560ee3b6a320aacaabc6496d7815916a5
- SSDEEP
  
  1536:FHsTyQCmnQdNTTA8svX5jsWaH2e5M6KvApxLeBFAr9PfN0911LT2BkWq45oOxe2g:FH7vdTAvXBYrMr/QVqBDWh5oWeLO6tM
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan