smokeloader | ec901da405ea52104876cb36ddc08b640c68b14512a0d828027bcf4835dd61ed | Triage

Sharing

General

Target

1e6cb5a76ae2be7ec6dba511c9b622a8.exe
Size

259KB
Sample

241014-mdm2rsyapp
MD5

1e6cb5a76ae2be7ec6dba511c9b622a8
SHA1

a4f560371a844fd44325ca84d8c15fd7bcf08791
SHA256

ec901da405ea52104876cb36ddc08b640c68b14512a0d828027bcf4835dd61ed
SHA512

58f2fe864a15c010dea0694eabb372e5974879425b5c058f89e945f82c8c0efd1fd4a592768acffe63029a063a3d156c27a23cc353f5294c023868ffaf2ace89
SSDEEP

3072:unm/NiujyXmhGKo+t5SqJzxB9ltFuPuGPPDMCGbXa+/T:++/jyXmhGzqpxB9XWuGPPQn

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  1e6cb5a76ae2be7ec6dba511c9b622a8.exe
- Size
  
  259KB
- MD5
  
  1e6cb5a76ae2be7ec6dba511c9b622a8
- SHA1
  
  a4f560371a844fd44325ca84d8c15fd7bcf08791
- SHA256
  
  ec901da405ea52104876cb36ddc08b640c68b14512a0d828027bcf4835dd61ed
- SHA512
  
  58f2fe864a15c010dea0694eabb372e5974879425b5c058f89e945f82c8c0efd1fd4a592768acffe63029a063a3d156c27a23cc353f5294c023868ffaf2ace89
- SSDEEP
  
  3072:unm/NiujyXmhGKo+t5SqJzxB9ltFuPuGPPDMCGbXa+/T:++/jyXmhGzqpxB9XWuGPPQn
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan