smokeloader | fff79a1e96ffcac77b3eb7bc01706bfece7499ab8972b28a732dfa2aa09994ee | Triage

Sharing

General

Target

fff79a1e96ffcac77b3eb7bc01706bfece7499ab8972b28a732dfa2aa09994ee.exe
Size

443KB
Sample

241009-jxg33swgnr
MD5

fa949a7589dc71ea006eb10ad025618a
SHA1

3525508cc8b83cdec2bde0bf0cbdc7cdab62c383
SHA256

fff79a1e96ffcac77b3eb7bc01706bfece7499ab8972b28a732dfa2aa09994ee
SHA512

40734414f0d40431625d1c79f7fc043458de0f73b59764239041f6a7ac959a6e11869f45a334fec45f37267bf9c2ff2ca4acc23db9c5eac0e70e9413307db136
SSDEEP

6144:dBc5/Qqguk5r/EaOKIhfzrIqku/a5J0gToyxw7coy6BbO42Tn:MBQqgoampv1/GJ0gThx8NO4O

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  fff79a1e96ffcac77b3eb7bc01706bfece7499ab8972b28a732dfa2aa09994ee.exe
- Size
  
  443KB
- MD5
  
  fa949a7589dc71ea006eb10ad025618a
- SHA1
  
  3525508cc8b83cdec2bde0bf0cbdc7cdab62c383
- SHA256
  
  fff79a1e96ffcac77b3eb7bc01706bfece7499ab8972b28a732dfa2aa09994ee
- SHA512
  
  40734414f0d40431625d1c79f7fc043458de0f73b59764239041f6a7ac959a6e11869f45a334fec45f37267bf9c2ff2ca4acc23db9c5eac0e70e9413307db136
- SSDEEP
  
  6144:dBc5/Qqguk5r/EaOKIhfzrIqku/a5J0gToyxw7coy6BbO42Tn:MBQqgoampv1/GJ0gThx8NO4O
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan