smokeloader | a2b8d4f469a7b8c8900df12569de67f5c8cb68e68177d482ff7ccfe9d580101b | Triage

Sharing

General

Target

a2b8d4f469a7b8c8900df12569de67f5c8cb68e68177d482ff7ccfe9d580101b.exe
Size

270KB
Sample

240921-bxp5payfme
MD5

55cf0ba0a65d11eee638b11ba9e2f3a1
SHA1

a34d2eca33a11ee443675788174220984963be47
SHA256

a2b8d4f469a7b8c8900df12569de67f5c8cb68e68177d482ff7ccfe9d580101b
SHA512

474f6edd85755b256e23f1168f460516385f1adda62604e37bd95339c526ee81077854c6aaf171db0420173fd3eeb371070173f8036a106f3b28c5bf96fcfd67
SSDEEP

6144:tDN0YXMIebj1xc/2K1OIoZ8yruBSXMPoiHzWZVfPybyX86EsUY:t+/IebS2sOZZ8yruBSXMPohPyi8j

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  a2b8d4f469a7b8c8900df12569de67f5c8cb68e68177d482ff7ccfe9d580101b.exe
- Size
  
  270KB
- MD5
  
  55cf0ba0a65d11eee638b11ba9e2f3a1
- SHA1
  
  a34d2eca33a11ee443675788174220984963be47
- SHA256
  
  a2b8d4f469a7b8c8900df12569de67f5c8cb68e68177d482ff7ccfe9d580101b
- SHA512
  
  474f6edd85755b256e23f1168f460516385f1adda62604e37bd95339c526ee81077854c6aaf171db0420173fd3eeb371070173f8036a106f3b28c5bf96fcfd67
- SSDEEP
  
  6144:tDN0YXMIebj1xc/2K1OIoZ8yruBSXMPoiHzWZVfPybyX86EsUY:t+/IebS2sOZZ8yruBSXMPohPyi8j
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan