smokeloader | 554876b48e8ffa7435578ce43177c7a3b6ea92a4f6ad7e5e36856e66d8559691 | Triage

Sharing

General

Target

f46a9902a07070e952b3a055eefb9b08
Size

139KB
Sample

241106-qaw22s1dpm
MD5

f46a9902a07070e952b3a055eefb9b08
SHA1

076c329324192f82f8d266aea265c9d7e76f0df0
SHA256

554876b48e8ffa7435578ce43177c7a3b6ea92a4f6ad7e5e36856e66d8559691
SHA512

ff1695af63ad66cb3735cc68ad1762d612d19a60fc4500b1f3867f7c5208eca56e7f394ac47a4dbf7847418af2c32b3b61ff0c9d6c39060b1b1904cc4657e380
SSDEEP

3072:W0JRN1ls3ABUyaZ+ABQIra7jdfXEHtvLk/8fzbXtjWnASkmZm:W0Jrf2Z+QXa7jdfXENvYmz5kdkmZm

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  11a8b5c35c55501d7ef127a4d5ebe331b7b4e6be72249d79dec30d914e1cb943
- Size
  
  242KB
- MD5
  
  478553e6419e13981ec6565727fc2aec
- SHA1
  
  dce48c90cfc8cc047956396d8d417f0cfdacb323
- SHA256
  
  11a8b5c35c55501d7ef127a4d5ebe331b7b4e6be72249d79dec30d914e1cb943
- SHA512
  
  5311a303bd11635c8ed7e18ff7762c6041b25e5a569a51fe2b6933730d34ce646d10525feac4d96384cf7106f8c8ffce15745ab5ff7556167ebfdbf63ba2e4f8
- SSDEEP
  
  6144:2qutLrUMhy+VX75W0OyQtWBmKLe7NvYmz5koM9J:3utLTy+VX75W7cBmmeZwYOt
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan