smokeloader | b3f3e5156e5efb6adc6fe1f371f9c6ee45b4343edbcaa53409aa70eef12d0712 | Triage

Sharing

General

Target

b3f3e5156e5efb6adc6fe1f371f9c6ee45b4343edbcaa53409aa70eef12d0712.exe
Size

210KB
Sample

240926-crd1xavckg
MD5

690d9d8b5c9808712155fb7cc3273c75
SHA1

fc6cdf86dc2fb0743c1c65589e237c2e340bdf68
SHA256

b3f3e5156e5efb6adc6fe1f371f9c6ee45b4343edbcaa53409aa70eef12d0712
SHA512

b8ac416efa69c5cfeff479f9d4658831d2024eea216910b5de99351cc393caf50f904ef70d892ab2b160282678dffe7088bcc443c9c937b471c8a212850b6b7e
SSDEEP

3072:mnLAFNQ4AzdvJr6GsucA/uXvFT+bjXdwBv5v:6LAFxAzdvJNZcNfIHI

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  b3f3e5156e5efb6adc6fe1f371f9c6ee45b4343edbcaa53409aa70eef12d0712.exe
- Size
  
  210KB
- MD5
  
  690d9d8b5c9808712155fb7cc3273c75
- SHA1
  
  fc6cdf86dc2fb0743c1c65589e237c2e340bdf68
- SHA256
  
  b3f3e5156e5efb6adc6fe1f371f9c6ee45b4343edbcaa53409aa70eef12d0712
- SHA512
  
  b8ac416efa69c5cfeff479f9d4658831d2024eea216910b5de99351cc393caf50f904ef70d892ab2b160282678dffe7088bcc443c9c937b471c8a212850b6b7e
- SSDEEP
  
  3072:mnLAFNQ4AzdvJr6GsucA/uXvFT+bjXdwBv5v:6LAFxAzdvJNZcNfIHI
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan