smokeloader | 29a4f2d67a91f3c026156474e0fbe7ec41e24abfab4c99270bc2f711e2001ed2 | Triage

Sharing

General

Target

29a4f2d67a91f3c026156474e0fbe7ec41e24abfab4c99270bc2f711e2001ed2
Size

410KB
Sample

240921-xxsfpsyfqk
MD5

ff9385f9988f8e420f36c4b215683529
SHA1

f19891a444ec14b0756b633802aeac46d8d58d81
SHA256

29a4f2d67a91f3c026156474e0fbe7ec41e24abfab4c99270bc2f711e2001ed2
SHA512

90f13eefd8e5a48066b5be39a20074dd7126d51a1f56df074ed797ed84969b8ba20448943ee3e8527d88be0ba9b7cb20851d3160849b32475d0a40ec5c3d490f
SSDEEP

6144:DApnSx7ziyeOklmZ40NAql/JmRDuGGokP+OlNTMCDegWjdTHEgkuPFg:CSx6yBrFAqL0u1okmi5legWhYgV

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  29a4f2d67a91f3c026156474e0fbe7ec41e24abfab4c99270bc2f711e2001ed2
- Size
  
  410KB
- MD5
  
  ff9385f9988f8e420f36c4b215683529
- SHA1
  
  f19891a444ec14b0756b633802aeac46d8d58d81
- SHA256
  
  29a4f2d67a91f3c026156474e0fbe7ec41e24abfab4c99270bc2f711e2001ed2
- SHA512
  
  90f13eefd8e5a48066b5be39a20074dd7126d51a1f56df074ed797ed84969b8ba20448943ee3e8527d88be0ba9b7cb20851d3160849b32475d0a40ec5c3d490f
- SSDEEP
  
  6144:DApnSx7ziyeOklmZ40NAql/JmRDuGGokP+OlNTMCDegWjdTHEgkuPFg:CSx6yBrFAqL0u1okmi5legWhYgV
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan