smokeloader | 69d7c67391bdf197766e49e5bba47b59833c5a07f4e5cf1735b2f8a94e400c24 | Triage

Sharing

General

Target

2372-3-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240925-h2svpsvfkc
MD5

f179435c05488c9051987828091047d3
SHA1

37279814c9717c47644d8bf4a4105b54aaa423b6
SHA256

69d7c67391bdf197766e49e5bba47b59833c5a07f4e5cf1735b2f8a94e400c24
SHA512

ef68e3e1a6d2264160555721244c292a61cf72b87fba93229f8cbf76ff4bba854ee8d0cd0ed0379d464b47f417e262de862bde7cfbb957d815abbbdd978aeafd
SSDEEP

768:CazBIa4ueiy5proFvY9NSiNUzhHzp587z78Lj946ZYlueKZN:tguWrpSiN2lz/e7kcueKZN

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  2372-3-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  f179435c05488c9051987828091047d3
- SHA1
  
  37279814c9717c47644d8bf4a4105b54aaa423b6
- SHA256
  
  69d7c67391bdf197766e49e5bba47b59833c5a07f4e5cf1735b2f8a94e400c24
- SHA512
  
  ef68e3e1a6d2264160555721244c292a61cf72b87fba93229f8cbf76ff4bba854ee8d0cd0ed0379d464b47f417e262de862bde7cfbb957d815abbbdd978aeafd
- SSDEEP
  
  768:CazBIa4ueiy5proFvY9NSiNUzhHzp587z78Lj946ZYlueKZN:tguWrpSiN2lz/e7kcueKZN
Score

10^/10

smokeloader backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pub2smokeloader

behavioral1

smokeloaderbackdoordiscoverytrojan

behavioral2

smokeloaderbackdoordiscoverytrojan