smokeloader | 2e0b82825c79c507de8a011d6a47f461b8c6b73d7c130fa91dbc2487c8726e13 | Triage

Sharing

General

Target

69f344803ca11eb44f5e1a4c2069a4002fabda45
Size

230KB
Sample

241106-sz3bgavnhr
MD5

be0c6f5117ffbe12c44d24836ed9e094
SHA1

69f344803ca11eb44f5e1a4c2069a4002fabda45
SHA256

2e0b82825c79c507de8a011d6a47f461b8c6b73d7c130fa91dbc2487c8726e13
SHA512

8c63a3fa71a01ad2aaaf8a2d4e5800c8fb187f712e9836ef3c1783429f52497cbed6785afc86315ab4388e08e1b62f1854e73421098bf9b58850495c86d441a3
SSDEEP

3072:8dd0qhbstIMasLO308JLcdatpRN9lnT2pjLZM3cOlsGIByM/h3qpZa9uD6Vdyhk7:JqhqXFNeLBN9JTMjtM3cOlqyrwVfEz

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  69f344803ca11eb44f5e1a4c2069a4002fabda45
- Size
  
  230KB
- MD5
  
  be0c6f5117ffbe12c44d24836ed9e094
- SHA1
  
  69f344803ca11eb44f5e1a4c2069a4002fabda45
- SHA256
  
  2e0b82825c79c507de8a011d6a47f461b8c6b73d7c130fa91dbc2487c8726e13
- SHA512
  
  8c63a3fa71a01ad2aaaf8a2d4e5800c8fb187f712e9836ef3c1783429f52497cbed6785afc86315ab4388e08e1b62f1854e73421098bf9b58850495c86d441a3
- SSDEEP
  
  3072:8dd0qhbstIMasLO308JLcdatpRN9lnT2pjLZM3cOlsGIByM/h3qpZa9uD6Vdyhk7:JqhqXFNeLBN9JTMjtM3cOlqyrwVfEz
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan