smokeloader | 79a57ce64cf1aadccd3f1b74686209416ef9c4cd45d4ac9b28ff9ea016ec8955 | Triage

Sharing

General

Target

f42c96419b2d60b119735e324adfb433.exe
Size

213KB
Sample

241009-bxdfwsyfjn
MD5

f42c96419b2d60b119735e324adfb433
SHA1

602382bc894def4541e9bab78a5015b020d6cc7d
SHA256

79a57ce64cf1aadccd3f1b74686209416ef9c4cd45d4ac9b28ff9ea016ec8955
SHA512

3f2a5e9056065e0f6ecba81c4b3eb329c870946a0b0ffa94e7af8354fe781cb18db8ddb349fe8a5c653f4e6958322a041b57e31128b9b23817f825942942a3ac
SSDEEP

3072:HMcLOshz82bi5xTfsRzSF+5QSItt0rebP+fagSILKd:scLOshz82m6RzfItt08+faz

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  f42c96419b2d60b119735e324adfb433.exe
- Size
  
  213KB
- MD5
  
  f42c96419b2d60b119735e324adfb433
- SHA1
  
  602382bc894def4541e9bab78a5015b020d6cc7d
- SHA256
  
  79a57ce64cf1aadccd3f1b74686209416ef9c4cd45d4ac9b28ff9ea016ec8955
- SHA512
  
  3f2a5e9056065e0f6ecba81c4b3eb329c870946a0b0ffa94e7af8354fe781cb18db8ddb349fe8a5c653f4e6958322a041b57e31128b9b23817f825942942a3ac
- SSDEEP
  
  3072:HMcLOshz82bi5xTfsRzSF+5QSItt0rebP+fagSILKd:scLOshz82m6RzfItt08+faz
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan