smokeloader | a16bac102cd51614f5629f28bac9ab867ed8bec0d37ee26904b78a4aaab82253 | Triage

Sharing

General

Target

a16bac102cd51614f5629f28bac9ab867ed8bec0d37ee26904b78a4aaab82253.exe
Size

207KB
Sample

241003-cajvtsycnj
MD5

8323e9372d528ae4e4b53d97dac3ff7e
SHA1

738a29de8c4020de9b54a574a5011cda468bf274
SHA256

a16bac102cd51614f5629f28bac9ab867ed8bec0d37ee26904b78a4aaab82253
SHA512

2e949981309e0942eefad8ec35e49b94e6b8c69ffbb71933ed31e50f60e130f41ef395d14678dc8d5162484f9486b1da9ebad7fc46f3fc23ae869382f93131f1
SSDEEP

3072:VLdMNw/b5F9LWHmYa9LVkdBN5fufKl/B3:VLKNCD+m9LVwLr

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  a16bac102cd51614f5629f28bac9ab867ed8bec0d37ee26904b78a4aaab82253.exe
- Size
  
  207KB
- MD5
  
  8323e9372d528ae4e4b53d97dac3ff7e
- SHA1
  
  738a29de8c4020de9b54a574a5011cda468bf274
- SHA256
  
  a16bac102cd51614f5629f28bac9ab867ed8bec0d37ee26904b78a4aaab82253
- SHA512
  
  2e949981309e0942eefad8ec35e49b94e6b8c69ffbb71933ed31e50f60e130f41ef395d14678dc8d5162484f9486b1da9ebad7fc46f3fc23ae869382f93131f1
- SSDEEP
  
  3072:VLdMNw/b5F9LWHmYa9LVkdBN5fufKl/B3:VLKNCD+m9LVwLr
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan