smokeloader | 11f02de3d29b2b99c806437d10cc4bc1232cc64fba65521d53e47c44426ba219 | Triage

Resubmissions

18-10-2024 01:14

241018-bl13tazhlm 10

18-10-2024 01:11

241018-bj662szgkm 10

Sharing

General

Target

11f02de3d29b2b99c806437d10cc4bc1232cc64fba65521d53e47c44426ba219.exe
Size

365KB
Sample

241018-bl13tazhlm
MD5

17a8a899cae67ea157318183d546d2fd
SHA1

2a001ba9fc5c56cecdf25f34f3f8558e3fdedc3f
SHA256

11f02de3d29b2b99c806437d10cc4bc1232cc64fba65521d53e47c44426ba219
SHA512

0de475c4d70b9e7948fde335ff3d40fa3cee4bb015085374e65883220868eb68e4a62a9329309a97c2b5405388eed22d6562244b8426a654a0625784ed21298c
SSDEEP

3072:UEyw/PL4u+MrhsgZbRZwVTslefk6GIfHT0qMubv6dhpaQdd41/x8dBRVlNN:JL4KXZbRZ2rfHT0qkdRXO6dR

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  11f02de3d29b2b99c806437d10cc4bc1232cc64fba65521d53e47c44426ba219.exe
- Size
  
  365KB
- MD5
  
  17a8a899cae67ea157318183d546d2fd
- SHA1
  
  2a001ba9fc5c56cecdf25f34f3f8558e3fdedc3f
- SHA256
  
  11f02de3d29b2b99c806437d10cc4bc1232cc64fba65521d53e47c44426ba219
- SHA512
  
  0de475c4d70b9e7948fde335ff3d40fa3cee4bb015085374e65883220868eb68e4a62a9329309a97c2b5405388eed22d6562244b8426a654a0625784ed21298c
- SSDEEP
  
  3072:UEyw/PL4u+MrhsgZbRZwVTslefk6GIfHT0qMubv6dhpaQdd41/x8dBRVlNN:JL4KXZbRZ2rfHT0qkdRXO6dR
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan