smokeloader | 0c90d7ce16ad5a66e6ea8d6deee65fab486dfc31b304b80dd907751e51af8628 | Triage

Sharing

General

Target

0c90d7ce16ad5a66e6ea8d6deee65fab486dfc31b304b80dd907751e51af8628
Size

263KB
Sample

240921-1qt8hawcje
MD5

b8f26190f37263417a2a9d49953d4711
SHA1

265f54c08fea73777a1cefae86892114586dd6d6
SHA256

0c90d7ce16ad5a66e6ea8d6deee65fab486dfc31b304b80dd907751e51af8628
SHA512

8ea70594d41432264f9a7aadaad8ef1cc23da6f46004538556b077c2f98383fc392ac4e11cfd1046e896b1e765d72de43d1beafbd0e6192dad4d9cce8438be7c
SSDEEP

6144:HFx03FJPfTnDblS3+UXnHNoFt97Zaa0AFe4DOov:bGJznflSO4nHNoFf7lu

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  0c90d7ce16ad5a66e6ea8d6deee65fab486dfc31b304b80dd907751e51af8628
- Size
  
  263KB
- MD5
  
  b8f26190f37263417a2a9d49953d4711
- SHA1
  
  265f54c08fea73777a1cefae86892114586dd6d6
- SHA256
  
  0c90d7ce16ad5a66e6ea8d6deee65fab486dfc31b304b80dd907751e51af8628
- SHA512
  
  8ea70594d41432264f9a7aadaad8ef1cc23da6f46004538556b077c2f98383fc392ac4e11cfd1046e896b1e765d72de43d1beafbd0e6192dad4d9cce8438be7c
- SSDEEP
  
  6144:HFx03FJPfTnDblS3+UXnHNoFt97Zaa0AFe4DOov:bGJznflSO4nHNoFf7lu
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan