smokeloader | ba664287c3fbf4e754c19c60085d36b41a91f7515426e8aac6390ccc1762fca8 | Triage

Sharing

General

Target

ba664287c3fbf4e754c19c60085d36b41a91f7515426e8aac6390ccc1762fca8
Size

396KB
Sample

240825-x1bx5asapr
MD5

60c92a95809f5a2d1117f275fad4dca6
SHA1

ab7009f96a69a6cb34168a3bff705b97b54fca00
SHA256

ba664287c3fbf4e754c19c60085d36b41a91f7515426e8aac6390ccc1762fca8
SHA512

eb441cb1fc2f0f2f103308d373f11b1b39f9b5255b9c081f65496cd383bf00bd45439cf934ddcabc5c0d620552699936a17e66bbd314ce93cd3d1a839cb12444
SSDEEP

3072:45Xu/RR1lmR7CDUcp6XhJEqEXeUXN+s8q3UdWhtXyZ8qrkUfLALwkm+j3FkJVTtT:syR1luCDtpsEuiqqoBzfLCwkBRkTm4N

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  ba664287c3fbf4e754c19c60085d36b41a91f7515426e8aac6390ccc1762fca8
- Size
  
  396KB
- MD5
  
  60c92a95809f5a2d1117f275fad4dca6
- SHA1
  
  ab7009f96a69a6cb34168a3bff705b97b54fca00
- SHA256
  
  ba664287c3fbf4e754c19c60085d36b41a91f7515426e8aac6390ccc1762fca8
- SHA512
  
  eb441cb1fc2f0f2f103308d373f11b1b39f9b5255b9c081f65496cd383bf00bd45439cf934ddcabc5c0d620552699936a17e66bbd314ce93cd3d1a839cb12444
- SSDEEP
  
  3072:45Xu/RR1lmR7CDUcp6XhJEqEXeUXN+s8q3UdWhtXyZ8qrkUfLALwkm+j3FkJVTtT:syR1luCDtpsEuiqqoBzfLCwkBRkTm4N
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan