smokeloader | 5fca3f761720e032add8169fe99c64d9de874db06d5994c4f124de98d2af4d35 | Triage

Sharing

General

Target

setup2.exe
Size

227KB
Sample

240828-sd5jpssgmf
MD5

0f11d18a5a7c0ec929e6afec9d39e9fd
SHA1

d1b0177a323a00e0c83769e25b7d9a5cc651c282
SHA256

5fca3f761720e032add8169fe99c64d9de874db06d5994c4f124de98d2af4d35
SHA512

cec2f196f898b5060877c31abc874fd4e08b096c592dc5abc6ef57a4de20c2e8d1f66024dd4b5f12ef85da208112685db5bbf77828f1bc0b09c7eb4f7f84b916
SSDEEP

3072:5dHfJpRiwr7B0dlrMgqYwLP9KSzylmU2JsHhp:5dHfJpRiwnOdl4gwDUkyzYs

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  setup2.exe
- Size
  
  227KB
- MD5
  
  0f11d18a5a7c0ec929e6afec9d39e9fd
- SHA1
  
  d1b0177a323a00e0c83769e25b7d9a5cc651c282
- SHA256
  
  5fca3f761720e032add8169fe99c64d9de874db06d5994c4f124de98d2af4d35
- SHA512
  
  cec2f196f898b5060877c31abc874fd4e08b096c592dc5abc6ef57a4de20c2e8d1f66024dd4b5f12ef85da208112685db5bbf77828f1bc0b09c7eb4f7f84b916
- SSDEEP
  
  3072:5dHfJpRiwr7B0dlrMgqYwLP9KSzylmU2JsHhp:5dHfJpRiwnOdl4gwDUkyzYs
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan