smokeloader | 8e41bb2066b636022e2c7d1772f211dd2d661e6d7fa4d1664bdc0b2f80009e77 | Triage

Sharing

General

Target

8e41bb2066b636022e2c7d1772f211dd2d661e6d7fa4d1664bdc0b2f80009e77.exe
Size

257KB
Sample

240926-cfmtnstemb
MD5

44146d1e227c749914f299b94deb5725
SHA1

99b0f3847ae488d8a88ae53e0071de38e84ddd5f
SHA256

8e41bb2066b636022e2c7d1772f211dd2d661e6d7fa4d1664bdc0b2f80009e77
SHA512

640b9e3b335a4bab1f9b1c6be5547ed77a5e00c9b91ec393126574cd61442b72e4b0908de0f5c47391a4ed179ed9b88666a19d818edbb9b57c1ab1d348c69ab3
SSDEEP

3072:yn6/vmOQOu0TEn/ckR5GEnO0O4yMCf53TfCT7LDcnpcn5r:y6mOQV04/cOQPOoKrDcnpcn5

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  8e41bb2066b636022e2c7d1772f211dd2d661e6d7fa4d1664bdc0b2f80009e77.exe
- Size
  
  257KB
- MD5
  
  44146d1e227c749914f299b94deb5725
- SHA1
  
  99b0f3847ae488d8a88ae53e0071de38e84ddd5f
- SHA256
  
  8e41bb2066b636022e2c7d1772f211dd2d661e6d7fa4d1664bdc0b2f80009e77
- SHA512
  
  640b9e3b335a4bab1f9b1c6be5547ed77a5e00c9b91ec393126574cd61442b72e4b0908de0f5c47391a4ed179ed9b88666a19d818edbb9b57c1ab1d348c69ab3
- SSDEEP
  
  3072:yn6/vmOQOu0TEn/ckR5GEnO0O4yMCf53TfCT7LDcnpcn5r:y6mOQV04/cOQPOoKrDcnpcn5
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan