smokeloader | 6579e58065815c12c11fc1f16160d5300e7e6c7eefad7df0342c6e7f3e7c3fdb | Triage

Sharing

General

Target

6579e58065815c12c11fc1f16160d5300e7e6c7eefad7df0342c6e7f3e7c3fdb.exe
Size

213KB
Sample

241016-b8j3ta1clp
MD5

6e13a681c8cd6af5ce40f9a9c69b7a38
SHA1

af5cbe7f934e295e06943e9b8dccd883f27e010a
SHA256

6579e58065815c12c11fc1f16160d5300e7e6c7eefad7df0342c6e7f3e7c3fdb
SHA512

37b21e4068188fd713f053a82966bf4b5a1e1e400e10d528adef4b1d2878c1f78ad59adec63f344cce5163b7bd54c11274149c3c1cad61aca00fe17ca2b2c09e
SSDEEP

3072:kHapBPY5AlJWi5eOGD1ko5FLqJzxB9HPuGPC/MCGbXal/T:42PY5AbWQejLqpxB9vuGPCEn

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  6579e58065815c12c11fc1f16160d5300e7e6c7eefad7df0342c6e7f3e7c3fdb.exe
- Size
  
  213KB
- MD5
  
  6e13a681c8cd6af5ce40f9a9c69b7a38
- SHA1
  
  af5cbe7f934e295e06943e9b8dccd883f27e010a
- SHA256
  
  6579e58065815c12c11fc1f16160d5300e7e6c7eefad7df0342c6e7f3e7c3fdb
- SHA512
  
  37b21e4068188fd713f053a82966bf4b5a1e1e400e10d528adef4b1d2878c1f78ad59adec63f344cce5163b7bd54c11274149c3c1cad61aca00fe17ca2b2c09e
- SSDEEP
  
  3072:kHapBPY5AlJWi5eOGD1ko5FLqJzxB9HPuGPC/MCGbXal/T:42PY5AbWQejLqpxB9vuGPCEn
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan