smokeloader | 726a67046152f94bf0372b95325f029d834f3bd3ce9246bdd76f03efac45195e | Triage

Sharing

General

Target

726a67046152f94bf0372b95325f029d834f3bd3ce9246bdd76f03efac45195e.exe
Size

412KB
Sample

240903-b9dmesveqd
MD5

244a4f649013d783dc87fca655d8fb38
SHA1

658e29b2d109d7238d4d3e890a9d59d6e68625ec
SHA256

726a67046152f94bf0372b95325f029d834f3bd3ce9246bdd76f03efac45195e
SHA512

d2feee480983d8409ab0f17f75b2d92269403168fc9aee9bc88004196301acc989c2c5ea741675fd8d2433d8d99f336a909fd38b2a7605f715cd8c779137093b
SSDEEP

6144:6umkZypyyY92DJhR56N/8Ab+9a+PsrVwffcij9UR/:6u7Zyw90sNkAb2vUrVwffciyR

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  726a67046152f94bf0372b95325f029d834f3bd3ce9246bdd76f03efac45195e.exe
- Size
  
  412KB
- MD5
  
  244a4f649013d783dc87fca655d8fb38
- SHA1
  
  658e29b2d109d7238d4d3e890a9d59d6e68625ec
- SHA256
  
  726a67046152f94bf0372b95325f029d834f3bd3ce9246bdd76f03efac45195e
- SHA512
  
  d2feee480983d8409ab0f17f75b2d92269403168fc9aee9bc88004196301acc989c2c5ea741675fd8d2433d8d99f336a909fd38b2a7605f715cd8c779137093b
- SSDEEP
  
  6144:6umkZypyyY92DJhR56N/8Ab+9a+PsrVwffcij9UR/:6u7Zyw90sNkAb2vUrVwffciyR
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan