smokeloader | 65c77de15e73e66154cfb70bcb4458880132e612ad050210f24322520d7e3251 | Triage

Sharing

General

Target

65c77de15e73e66154cfb70bcb4458880132e612ad050210f24322520d7e3251
Size

395KB
Sample

240825-n5zejstamc
MD5

3fd83db27cc71434e902a9d1e96aa641
SHA1

6d335794c208c714ea2e01dd18b698780149e7cf
SHA256

65c77de15e73e66154cfb70bcb4458880132e612ad050210f24322520d7e3251
SHA512

7f4fb755aeac9bb59c47ddf03e46003310507b238f1846a8ffbd10cc35233b92b13c36249cf046543504fd7eb37408b4aca7f0fa7090d42d85c73e1e8743f0b7
SSDEEP

6144:c/lmsfkSlnFniyG5RF53FVsbPMuEOtynZGWSuhAp8DfG:c/UsHHiJRFVsbJbtoZzSuwoG

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  65c77de15e73e66154cfb70bcb4458880132e612ad050210f24322520d7e3251
- Size
  
  395KB
- MD5
  
  3fd83db27cc71434e902a9d1e96aa641
- SHA1
  
  6d335794c208c714ea2e01dd18b698780149e7cf
- SHA256
  
  65c77de15e73e66154cfb70bcb4458880132e612ad050210f24322520d7e3251
- SHA512
  
  7f4fb755aeac9bb59c47ddf03e46003310507b238f1846a8ffbd10cc35233b92b13c36249cf046543504fd7eb37408b4aca7f0fa7090d42d85c73e1e8743f0b7
- SSDEEP
  
  6144:c/lmsfkSlnFniyG5RF53FVsbPMuEOtynZGWSuhAp8DfG:c/UsHHiJRFVsbJbtoZzSuwoG
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan