smokeloader | 0f2c5e8359294b9a9b7024ec68f99cac19c42935cfd9b8a6dc3e5cb9f80d7f96 | Triage

Sharing

General

Target

2420-3-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240917-rn2ecsxdjc
MD5

75e64323e7ca836a52df8acf215f2d9c
SHA1

f39831c1fb971c58fb3f69fb4270ec68271002df
SHA256

0f2c5e8359294b9a9b7024ec68f99cac19c42935cfd9b8a6dc3e5cb9f80d7f96
SHA512

f195e9ea0644f84f51e4724fe2810e1edd51044988439b9f7bc955b8a5e42a327d144184622938de4526cf6658c28c52d6518288ff07c40d3ce3cc4fe260f8fa
SSDEEP

768:LaFq5EYzNuZNe3moyGali+xD1Ux+v/RN:LaEzEXCXyRJxw6j

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  2420-3-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  75e64323e7ca836a52df8acf215f2d9c
- SHA1
  
  f39831c1fb971c58fb3f69fb4270ec68271002df
- SHA256
  
  0f2c5e8359294b9a9b7024ec68f99cac19c42935cfd9b8a6dc3e5cb9f80d7f96
- SHA512
  
  f195e9ea0644f84f51e4724fe2810e1edd51044988439b9f7bc955b8a5e42a327d144184622938de4526cf6658c28c52d6518288ff07c40d3ce3cc4fe260f8fa
- SSDEEP
  
  768:LaFq5EYzNuZNe3moyGali+xD1Ux+v/RN:LaEzEXCXyRJxw6j
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pub2smokeloader

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan