smokeloader | 76ba1d82e20b13b9d1becbb799aa68f6539092f6823f38a86ce935b0650b0556 | Triage

Sharing

General

Target

76ba1d82e20b13b9d1becbb799aa68f6539092f6823f38a86ce935b0650b0556.exe
Size

240KB
Sample

240823-lzkcbsxekb
MD5

17a42973c0651ecbd8dbea12ecadbf26
SHA1

27a3fb8983c58d10298da1a7c733728b5f8bcb6f
SHA256

76ba1d82e20b13b9d1becbb799aa68f6539092f6823f38a86ce935b0650b0556
SHA512

f7e559e111c10ceaa02130fc559865cbe8d5731dd8c90de50e6c7a8da7aab76d57b29f26adabbb19b5932a0644a9ba3c6b328e39c8d9ffc0ea9b88151f0772d4
SSDEEP

3072:ZalwiHyvQclch5cAmaRQCVb0s35DbpRHdzqI:ZQqcvdRPb/rde

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  76ba1d82e20b13b9d1becbb799aa68f6539092f6823f38a86ce935b0650b0556.exe
- Size
  
  240KB
- MD5
  
  17a42973c0651ecbd8dbea12ecadbf26
- SHA1
  
  27a3fb8983c58d10298da1a7c733728b5f8bcb6f
- SHA256
  
  76ba1d82e20b13b9d1becbb799aa68f6539092f6823f38a86ce935b0650b0556
- SHA512
  
  f7e559e111c10ceaa02130fc559865cbe8d5731dd8c90de50e6c7a8da7aab76d57b29f26adabbb19b5932a0644a9ba3c6b328e39c8d9ffc0ea9b88151f0772d4
- SSDEEP
  
  3072:ZalwiHyvQclch5cAmaRQCVb0s35DbpRHdzqI:ZQqcvdRPb/rde
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan