smokeloader | 0c50705ed7cfc68f11aecd4cee0b808934d4957672ac0ea0615e9a1c31870a52 | Triage

Sharing

General

Target

file.exe
Size

409KB
Sample

240921-jldlhs1hlr
MD5

2f59fbd6623872fbdc2f63d18023bfda
SHA1

a71fd212dc780edd062584acfe3fc28a8090d039
SHA256

0c50705ed7cfc68f11aecd4cee0b808934d4957672ac0ea0615e9a1c31870a52
SHA512

bd2caeb7e88b333b31a864b66fe7b14cdf86560b488ae2b911893a059e184e7a80f0ede8423ac8c10de2bcff3f5a85d1477f0a2e74986066f69d636d159b62f8
SSDEEP

6144:6FlsK6LzPfEoIw13JVbP2GOSbkee7xJVGZchwrWEKCoD0Yj8lmxEkuPF7:zK6HfEBsJVblOIQxGZYIWlaNV

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  file.exe
- Size
  
  409KB
- MD5
  
  2f59fbd6623872fbdc2f63d18023bfda
- SHA1
  
  a71fd212dc780edd062584acfe3fc28a8090d039
- SHA256
  
  0c50705ed7cfc68f11aecd4cee0b808934d4957672ac0ea0615e9a1c31870a52
- SHA512
  
  bd2caeb7e88b333b31a864b66fe7b14cdf86560b488ae2b911893a059e184e7a80f0ede8423ac8c10de2bcff3f5a85d1477f0a2e74986066f69d636d159b62f8
- SSDEEP
  
  6144:6FlsK6LzPfEoIw13JVbP2GOSbkee7xJVGZchwrWEKCoD0Yj8lmxEkuPF7:zK6HfEBsJVblOIQxGZYIWlaNV
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan