smokeloader | 6ce6a03625c3a1e2b97d490363a3ec5be1706ec424493d7de2c9cad2644c3311 | Triage

Sharing

General

Target

6ce6a03625c3a1e2b97d490363a3ec5be1706ec424493d7de2c9cad2644c3311.exe
Size

368KB
Sample

241021-br59qatapk
MD5

4bb69f9fad0620ecb64971676b9f2cbc
SHA1

519d65503d586d0442ea411d03e790d52b564eee
SHA256

6ce6a03625c3a1e2b97d490363a3ec5be1706ec424493d7de2c9cad2644c3311
SHA512

7168f65a3362c41b5fe7e4bda908a0372b1061cf100b841715c854fcda4635c0e722d37309de71d7e16b9d94302b9a21f36353a0c1b9f02fd68fe3fe1c3bedea
SSDEEP

6144:gQLgu6NlN0niBcbNynh3oDisWPHVz0Ws1gbBqkNj8f:gQ5690icodkifKWs2BqkN

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  6ce6a03625c3a1e2b97d490363a3ec5be1706ec424493d7de2c9cad2644c3311.exe
- Size
  
  368KB
- MD5
  
  4bb69f9fad0620ecb64971676b9f2cbc
- SHA1
  
  519d65503d586d0442ea411d03e790d52b564eee
- SHA256
  
  6ce6a03625c3a1e2b97d490363a3ec5be1706ec424493d7de2c9cad2644c3311
- SHA512
  
  7168f65a3362c41b5fe7e4bda908a0372b1061cf100b841715c854fcda4635c0e722d37309de71d7e16b9d94302b9a21f36353a0c1b9f02fd68fe3fe1c3bedea
- SSDEEP
  
  6144:gQLgu6NlN0niBcbNynh3oDisWPHVz0Ws1gbBqkNj8f:gQ5690icodkifKWs2BqkN
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan