smokeloader | 2d287e5fa519d08fba099aaae4a50455ced9aef42cb4ea567accf3cd0d889da1 | Triage

Sharing

General

Target

2d287e5fa519d08fba099aaae4a50455ced9aef42cb4ea567accf3cd0d889da1
Size

367KB
Sample

241107-bjt7gstqhl
MD5

a49ffd2be71a9d13bf250f3d7dcce16e
SHA1

72eb647fd74f1f4056b399a34188ad727fc7726f
SHA256

2d287e5fa519d08fba099aaae4a50455ced9aef42cb4ea567accf3cd0d889da1
SHA512

b5a699a7484bf068f8d08989cd9a922dc0c8007d62875824746a6d8001225786dcba1a49f77ec7b86f5570b741dd7e4e1022b72d8a4f6aa9fdc378743bc9f092
SSDEEP

6144:dHLW9bdAEJ6r3WKtR8puBuUCPiQ9vq9l7YrATErao8yT:dHobdAEJoGK8pEpM9vSYr/Np

Score

10^/10

smokeloader pub1 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2d287e5fa519d08fba099aaae4a50455ced9aef42cb4ea567accf3cd0d889da1
- Size
  
  367KB
- MD5
  
  a49ffd2be71a9d13bf250f3d7dcce16e
- SHA1
  
  72eb647fd74f1f4056b399a34188ad727fc7726f
- SHA256
  
  2d287e5fa519d08fba099aaae4a50455ced9aef42cb4ea567accf3cd0d889da1
- SHA512
  
  b5a699a7484bf068f8d08989cd9a922dc0c8007d62875824746a6d8001225786dcba1a49f77ec7b86f5570b741dd7e4e1022b72d8a4f6aa9fdc378743bc9f092
- SSDEEP
  
  6144:dHLW9bdAEJ6r3WKtR8puBuUCPiQ9vq9l7YrATErao8yT:dHobdAEJoGK8pEpM9vSYr/Np
Score

10^/10

smokeloader pub1 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoordiscoverytrojan