smokeloader | 33adf37bfe4bffa1fe39bdbf0a51f6eb82feae2caced691096a40be0e56fc3dc | Triage

Sharing

General

Target

db50948ac4a52fcc82a81f512caa237b
Size

275KB
Sample

241105-rbzd8stapp
MD5

db50948ac4a52fcc82a81f512caa237b
SHA1

ce7ac1c40fa31e0d69b33b4d9f5d917e9afc0430
SHA256

33adf37bfe4bffa1fe39bdbf0a51f6eb82feae2caced691096a40be0e56fc3dc
SHA512

029112690117d3d9149da4836d2a58679f3a6fc54295d441e00aee42bc447c123d92443292aa07a77f641b09971313b8ec470dfdabbea8873a0f8a5394d4f746
SSDEEP

6144:7q542Clnq5eUmjiR16GWvZSE9wGWkZirPVp9Iz6bO:7M42vvmjiR16GWBSXpkUL

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  db50948ac4a52fcc82a81f512caa237b
- Size
  
  275KB
- MD5
  
  db50948ac4a52fcc82a81f512caa237b
- SHA1
  
  ce7ac1c40fa31e0d69b33b4d9f5d917e9afc0430
- SHA256
  
  33adf37bfe4bffa1fe39bdbf0a51f6eb82feae2caced691096a40be0e56fc3dc
- SHA512
  
  029112690117d3d9149da4836d2a58679f3a6fc54295d441e00aee42bc447c123d92443292aa07a77f641b09971313b8ec470dfdabbea8873a0f8a5394d4f746
- SSDEEP
  
  6144:7q542Clnq5eUmjiR16GWvZSE9wGWkZirPVp9Iz6bO:7M42vvmjiR16GWBSXpkUL
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan