smokeloader | 4dcf43767f4fd901ef13a37da7499a54c61cf045a045186151a8bbefc251ee6b | Triage

Sharing

General

Target

4dcf43767f4fd901ef13a37da7499a54c61cf045a045186151a8bbefc251ee6b.exe
Size

369KB
Sample

241021-bmbjjs1dmb
MD5

6495432f0808eb94291d12c862216fe2
SHA1

b26485ed3ee5990d1c8363e743d8e0903e2b3433
SHA256

4dcf43767f4fd901ef13a37da7499a54c61cf045a045186151a8bbefc251ee6b
SHA512

60b929c8670cef82a54fa274a8a9c010b516d87e61e5b45b8bd3d324e5d11f55a804acb03fc760983d082ab2a3e8e772391c15f78fdcef4aa9d5c13363566f2f
SSDEEP

6144:VaIYQL38hwc85w569ALrSsP5hglG+E3hX936mDtQhkBTI9I9jtj8OU8vJpm:VLLL8hh85wYytPrcG+0qk2hg/VtTB7m

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  4dcf43767f4fd901ef13a37da7499a54c61cf045a045186151a8bbefc251ee6b.exe
- Size
  
  369KB
- MD5
  
  6495432f0808eb94291d12c862216fe2
- SHA1
  
  b26485ed3ee5990d1c8363e743d8e0903e2b3433
- SHA256
  
  4dcf43767f4fd901ef13a37da7499a54c61cf045a045186151a8bbefc251ee6b
- SHA512
  
  60b929c8670cef82a54fa274a8a9c010b516d87e61e5b45b8bd3d324e5d11f55a804acb03fc760983d082ab2a3e8e772391c15f78fdcef4aa9d5c13363566f2f
- SSDEEP
  
  6144:VaIYQL38hwc85w569ALrSsP5hglG+E3hX936mDtQhkBTI9I9jtj8OU8vJpm:VLLL8hh85wYytPrcG+0qk2hg/VtTB7m
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan