smokeloader | 67cca8e76698d506703867218d35889e503f8ab35200e0cec204df1df3ed1ee3 | Triage

Sharing

General

Target

67cca8e76698d506703867218d35889e503f8ab35200e0cec204df1df3ed1ee3.exe
Size

237KB
Sample

241014-q14vkssdlp
MD5

51edb0928c2e36654e59e2451e2540b6
SHA1

fc0517fec5bbdaefac962b819bff2ea3d6f92de9
SHA256

67cca8e76698d506703867218d35889e503f8ab35200e0cec204df1df3ed1ee3
SHA512

a9412a504e50dfbb0ca21a48181ced2dbb6fa123411ef0d5b17b235ba97589a3fb05e073b102e887ffdf62aecf3c3f6eae1893c8c21a1e5ed9d717b3ad313251
SSDEEP

3072:H0BoYKwRl18reAhtaAJ54Q+CoNTuA9FBxqXYUGrG:H0BoYVRIjhT+FwsqI

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  67cca8e76698d506703867218d35889e503f8ab35200e0cec204df1df3ed1ee3.exe
- Size
  
  237KB
- MD5
  
  51edb0928c2e36654e59e2451e2540b6
- SHA1
  
  fc0517fec5bbdaefac962b819bff2ea3d6f92de9
- SHA256
  
  67cca8e76698d506703867218d35889e503f8ab35200e0cec204df1df3ed1ee3
- SHA512
  
  a9412a504e50dfbb0ca21a48181ced2dbb6fa123411ef0d5b17b235ba97589a3fb05e073b102e887ffdf62aecf3c3f6eae1893c8c21a1e5ed9d717b3ad313251
- SSDEEP
  
  3072:H0BoYKwRl18reAhtaAJ54Q+CoNTuA9FBxqXYUGrG:H0BoYVRIjhT+FwsqI
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan