smokeloader | ce39271335727cb252102e59f53dedb8880fb3dca8f597bdf7e5d35c6d605de0 | Triage

Sharing

General

Target

8320df18fc9660f3a4dcaa29b3707847.exe
Size

269KB
Sample

241013-3xz4fatarc
MD5

8320df18fc9660f3a4dcaa29b3707847
SHA1

1ec0afcceae9b6b0a771f28002b3617d45d5ab56
SHA256

ce39271335727cb252102e59f53dedb8880fb3dca8f597bdf7e5d35c6d605de0
SHA512

a4a47b83fa644bb403cf2cf43cda6357ce6149d874ee7549b6d0ba02e8bd31e3128f6546ea7ed1a225ac3df70e3eb50848fdc859542c2f670f71f780a408017b
SSDEEP

3072:O9PTmSohCYWK7JSuGdngqp7U+L5ACyxF9Dav3xvZtWluUCIqzpjAqMi:gYhcOIuGdngq58/4JZoluVIqzpjAqh

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  8320df18fc9660f3a4dcaa29b3707847.exe
- Size
  
  269KB
- MD5
  
  8320df18fc9660f3a4dcaa29b3707847
- SHA1
  
  1ec0afcceae9b6b0a771f28002b3617d45d5ab56
- SHA256
  
  ce39271335727cb252102e59f53dedb8880fb3dca8f597bdf7e5d35c6d605de0
- SHA512
  
  a4a47b83fa644bb403cf2cf43cda6357ce6149d874ee7549b6d0ba02e8bd31e3128f6546ea7ed1a225ac3df70e3eb50848fdc859542c2f670f71f780a408017b
- SSDEEP
  
  3072:O9PTmSohCYWK7JSuGdngqp7U+L5ACyxF9Dav3xvZtWluUCIqzpjAqMi:gYhcOIuGdngq58/4JZoluVIqzpjAqh
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan