smokeloader | 71f78b8ea9a26b45321cc9a009824e2544ba1052f5e2d75d2d9291e4642ee270 | Triage

Resubmissions

29-08-2024 07:35

240829-je4t5azdnb 10

29-08-2024 04:27

240829-e24enatdmc 10

Sharing

General

Target

03877abf483cfd06d88d7ce54b425620N.exe
Size

280KB
Sample

240829-e24enatdmc
MD5

03877abf483cfd06d88d7ce54b425620
SHA1

5249fb5adb210b2ba86ceedb0888f239b84bd399
SHA256

71f78b8ea9a26b45321cc9a009824e2544ba1052f5e2d75d2d9291e4642ee270
SHA512

f2c32fd82ea9979c87c9e7ddb588fa539d197f420ffe82c1127323c7165d5fbfde6dc2ab2fd152a6f89b8551a2291775f45655940a68a500875732cf2ed01ddc
SSDEEP

6144:FaN6w1ri50kUbHlS6H1ZnV2z36xKeOpnr+TIlv:u6OWOk6IyBAzKxZgy6v

Score

10^/10

smokeloader pub6 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub6

Targets

- Target
  
  03877abf483cfd06d88d7ce54b425620N.exe
- Size
  
  280KB
- MD5
  
  03877abf483cfd06d88d7ce54b425620
- SHA1
  
  5249fb5adb210b2ba86ceedb0888f239b84bd399
- SHA256
  
  71f78b8ea9a26b45321cc9a009824e2544ba1052f5e2d75d2d9291e4642ee270
- SHA512
  
  f2c32fd82ea9979c87c9e7ddb588fa539d197f420ffe82c1127323c7165d5fbfde6dc2ab2fd152a6f89b8551a2291775f45655940a68a500875732cf2ed01ddc
- SSDEEP
  
  6144:FaN6w1ri50kUbHlS6H1ZnV2z36xKeOpnr+TIlv:u6OWOk6IyBAzKxZgy6v
Score

10^/10

smokeloader pub6 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub6backdoordiscoverytrojan

behavioral2

smokeloaderpub6backdoordiscoverytrojan