smokeloader | c27e2d17cf286c37d3691b278c530c70911950db0c7bbc4e57523ecf325f1547 | Triage

Sharing

General

Target

c27e2d17cf286c37d3691b278c530c70911950db0c7bbc4e57523ecf325f1547.exe
Size

249KB
Sample

240923-bxr92sserg
MD5

d56bea8714d3b0d71a4905b3e9103e03
SHA1

f87548174e258b4e9aaf02a76d28874b87413f54
SHA256

c27e2d17cf286c37d3691b278c530c70911950db0c7bbc4e57523ecf325f1547
SHA512

ca1cda273c0f828fb1773ae7fb06e01be85416b757777461db460a4c421802d0d33e2f5a23823197767871531efbce8eb65adf0cb7f716994ad7ea2e10fafa37
SSDEEP

3072:/QGHLMg57JJiTFgV5qzHXROliutbzQ9EH12gu5TlssAxaxBAUf7J:oGHLMwlEyViOAIg9EYBAel

Score

10^/10

smokeloader pub3 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  c27e2d17cf286c37d3691b278c530c70911950db0c7bbc4e57523ecf325f1547.exe
- Size
  
  249KB
- MD5
  
  d56bea8714d3b0d71a4905b3e9103e03
- SHA1
  
  f87548174e258b4e9aaf02a76d28874b87413f54
- SHA256
  
  c27e2d17cf286c37d3691b278c530c70911950db0c7bbc4e57523ecf325f1547
- SHA512
  
  ca1cda273c0f828fb1773ae7fb06e01be85416b757777461db460a4c421802d0d33e2f5a23823197767871531efbce8eb65adf0cb7f716994ad7ea2e10fafa37
- SSDEEP
  
  3072:/QGHLMg57JJiTFgV5qzHXROliutbzQ9EH12gu5TlssAxaxBAUf7J:oGHLMwlEyViOAIg9EYBAel
Score

10^/10

smokeloader pub3 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub3backdoortrojan

behavioral2

smokeloaderpub3backdoordiscoverytrojan