smokeloader | 1c1d81eaf1a389d4dafc6ba71a3e3bfaa477a49b4d3591956cab660165648028 | Triage

Sharing

General

Target

1c1d81eaf1a389d4dafc6ba71a3e3bfaa477a49b4d3591956cab660165648028.exe
Size

247KB
Sample

240926-bkb3asybmn
MD5

805d475d63cb9e43dd2b2a4e51fef22e
SHA1

2cd2f35437e227bfdcc5d493c53aa33ea96ef6e8
SHA256

1c1d81eaf1a389d4dafc6ba71a3e3bfaa477a49b4d3591956cab660165648028
SHA512

d4ae12bb46f3a353fbfbf264e2d2451b0fe4d88f784c764a769010c655343bd7a2886b46b322a0dbde762c0588a424c5dc60fb28bef93691debfb76a3b8cff89
SSDEEP

1536:6lkQFAhLLnr1SGehNq456Z9cNEiqv2XXCev6wKijpdsm1jwEHsPxm5tVe2tVaPcT:ItFAhLLnKXlKkzd1ZHsPA5u2zoYkPp0

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  1c1d81eaf1a389d4dafc6ba71a3e3bfaa477a49b4d3591956cab660165648028.exe
- Size
  
  247KB
- MD5
  
  805d475d63cb9e43dd2b2a4e51fef22e
- SHA1
  
  2cd2f35437e227bfdcc5d493c53aa33ea96ef6e8
- SHA256
  
  1c1d81eaf1a389d4dafc6ba71a3e3bfaa477a49b4d3591956cab660165648028
- SHA512
  
  d4ae12bb46f3a353fbfbf264e2d2451b0fe4d88f784c764a769010c655343bd7a2886b46b322a0dbde762c0588a424c5dc60fb28bef93691debfb76a3b8cff89
- SSDEEP
  
  1536:6lkQFAhLLnr1SGehNq456Z9cNEiqv2XXCev6wKijpdsm1jwEHsPxm5tVe2tVaPcT:ItFAhLLnKXlKkzd1ZHsPA5u2zoYkPp0
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan