smokeloader | 95b02599796c7c4cdb28717d3676e0af2398ae40049272589c9718084ebd8eba | Triage

Sharing

General

Target

95b02599796c7c4cdb28717d3676e0af2398ae40049272589c9718084ebd8eba
Size

228KB
Sample

240920-1gtklszbrm
MD5

7f415cd4210e183d4fc1395e4f0505e9
SHA1

9126f869461984c97192a56cb58f82a759fe3cf4
SHA256

95b02599796c7c4cdb28717d3676e0af2398ae40049272589c9718084ebd8eba
SHA512

1dda8e24b545cb882c6673e046eed1bfbf2df41e03920a74424a1c84a1e87aa240241516883e1e22af288603eb8968079420062b6ce8ab004fc4b8c701e99d54
SSDEEP

3072:zhY2Lm7iGK7d0+U8LkhuWeOCkKx5fKuAYcukO9Emf/n:zh3Lm7idyh8w0RAYcl6EmHn

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  95b02599796c7c4cdb28717d3676e0af2398ae40049272589c9718084ebd8eba
- Size
  
  228KB
- MD5
  
  7f415cd4210e183d4fc1395e4f0505e9
- SHA1
  
  9126f869461984c97192a56cb58f82a759fe3cf4
- SHA256
  
  95b02599796c7c4cdb28717d3676e0af2398ae40049272589c9718084ebd8eba
- SHA512
  
  1dda8e24b545cb882c6673e046eed1bfbf2df41e03920a74424a1c84a1e87aa240241516883e1e22af288603eb8968079420062b6ce8ab004fc4b8c701e99d54
- SSDEEP
  
  3072:zhY2Lm7iGK7d0+U8LkhuWeOCkKx5fKuAYcukO9Emf/n:zh3Lm7idyh8w0RAYcl6EmHn
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan