smokeloader | 78da2553f2f04534dddabd2fb6cc1a41c67d5eeb220516d773d79db0547a4408 | Triage

Sharing

General

Target

d78d85135f584e455f692923d9feb804.bin
Size

211KB
Sample

240825-cbqprssalb
MD5

048fd1ab1f5ba33137a5d4f5977912df
SHA1

ca9e792c8e1182b3e5ffadca6304e195b53014f7
SHA256

78da2553f2f04534dddabd2fb6cc1a41c67d5eeb220516d773d79db0547a4408
SHA512

d2c4bde3dd43cce051d91040f4d3f221bcc5a0e4a63648fffbc6f78eefa2106812198e8bf9ea5cd8084101c04351da83450cae4bc2cca40177dc54c4e36ceb7f
SSDEEP

3072:i4/Bes0vZ6vc9NTB5IxPUlNkEV52DnnKwJR7SiSeuCKQjGQhKoXQpoEy1qx54Oxa:d/C5ICU8qnKA7bSSKXui2OxWeLS/

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  41582c8b6bd111a2f141dee52b619d13278ef68754691263abeb3238d485f404.exe
- Size
  
  350KB
- MD5
  
  d78d85135f584e455f692923d9feb804
- SHA1
  
  7bf6d4d00326ecfa3e48644896d3407ab473a9d5
- SHA256
  
  41582c8b6bd111a2f141dee52b619d13278ef68754691263abeb3238d485f404
- SHA512
  
  1fb4e040511f3bbf8c04459942d1a5915b5f8fe78dd169b932e04dc7ccdb227aee42327a8071136b27a368f2fe8b8b5de3c9187d4b3cc5354cbba0a1d89d26bb
- SSDEEP
  
  6144:gSVu917CQaNutVHcaOLnysBBPEDcu4jZ21sK0O:gSE91m7WSasBPu6Z2z
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan