smokeloader | 1025c4755d708f087560cd1eb2babd1274a63c82c7f0133ce9b05ef5906b2133 | Triage

Sharing

General

Target

6330f66a7f9f653f2412b08dfebb2af2.exe
Size

239KB
Sample

240925-ggv9naybpm
MD5

6330f66a7f9f653f2412b08dfebb2af2
SHA1

e8b4807b1d982710f30eef57da8fd0a04037f602
SHA256

1025c4755d708f087560cd1eb2babd1274a63c82c7f0133ce9b05ef5906b2133
SHA512

53fa2367b0fc5ab04640cb2e28a15c8020fb13a66f9eb61ca7f8508f12576a6df1f24883aa82a03fc11c8cc16a15c7a328ae807089804d87e65fa50b8fdece44
SSDEEP

6144:dGDpmSK310dvJ7sSISsz7ir/Mbp0Vdh1aQ:d+ppM10dvpsVF7iTVdz

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  6330f66a7f9f653f2412b08dfebb2af2.exe
- Size
  
  239KB
- MD5
  
  6330f66a7f9f653f2412b08dfebb2af2
- SHA1
  
  e8b4807b1d982710f30eef57da8fd0a04037f602
- SHA256
  
  1025c4755d708f087560cd1eb2babd1274a63c82c7f0133ce9b05ef5906b2133
- SHA512
  
  53fa2367b0fc5ab04640cb2e28a15c8020fb13a66f9eb61ca7f8508f12576a6df1f24883aa82a03fc11c8cc16a15c7a328ae807089804d87e65fa50b8fdece44
- SSDEEP
  
  6144:dGDpmSK310dvJ7sSISsz7ir/Mbp0Vdh1aQ:d+ppM10dvpsVF7iTVdz
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan