smokeloader | 41582c8b6bd111a2f141dee52b619d13278ef68754691263abeb3238d485f404 | Triage

Sharing

General

Target

41582c8b6bd111a2f141dee52b619d13278ef68754691263abeb3238d485f404
Size

350KB
Sample

240826-fn8ynaxhlk
MD5

d78d85135f584e455f692923d9feb804
SHA1

7bf6d4d00326ecfa3e48644896d3407ab473a9d5
SHA256

41582c8b6bd111a2f141dee52b619d13278ef68754691263abeb3238d485f404
SHA512

1fb4e040511f3bbf8c04459942d1a5915b5f8fe78dd169b932e04dc7ccdb227aee42327a8071136b27a368f2fe8b8b5de3c9187d4b3cc5354cbba0a1d89d26bb
SSDEEP

6144:gSVu917CQaNutVHcaOLnysBBPEDcu4jZ21sK0O:gSE91m7WSasBPu6Z2z

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  41582c8b6bd111a2f141dee52b619d13278ef68754691263abeb3238d485f404
- Size
  
  350KB
- MD5
  
  d78d85135f584e455f692923d9feb804
- SHA1
  
  7bf6d4d00326ecfa3e48644896d3407ab473a9d5
- SHA256
  
  41582c8b6bd111a2f141dee52b619d13278ef68754691263abeb3238d485f404
- SHA512
  
  1fb4e040511f3bbf8c04459942d1a5915b5f8fe78dd169b932e04dc7ccdb227aee42327a8071136b27a368f2fe8b8b5de3c9187d4b3cc5354cbba0a1d89d26bb
- SSDEEP
  
  6144:gSVu917CQaNutVHcaOLnysBBPEDcu4jZ21sK0O:gSE91m7WSasBPu6Z2z
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan