smokeloader | fd6f2122563b4c87e8998cd167bdd4da7b32e58158ff5178b399bfe77885b997 | Triage

Sharing

General

Target

fd6f2122563b4c87e8998cd167bdd4da7b32e58158ff5178b399bfe77885b997
Size

165KB
Sample

241108-cwwfratbjd
MD5

2ba020c89f9104e77bc22393d8982407
SHA1

18e2a1d17628bbe93dfe6480bc2eefd69d62b422
SHA256

fd6f2122563b4c87e8998cd167bdd4da7b32e58158ff5178b399bfe77885b997
SHA512

1a38197edf095eaf4d0181420ef8d07a0cfd33b56d7001c8b5a162806a3b822a40d9fab159e5af3c6a57730a56be9e5b083ba7cf4be5b9181cd059e575daa8c5
SSDEEP

3072:BXCWvUNDbS/1+9FR4x4oWjL0HKGhlaEjhF2wTt7cX1genye8n:mns1+9FR4MQH2yY1Zy/

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  387cf390c3c472cd5eefe6ce3fb01b188f67533f5540e421e0f02fb845fc526e
- Size
  
  357KB
- MD5
  
  0e0b9291a05206f5f839fccfc59afab2
- SHA1
  
  007dfe6d38feacf5f17536642d1e76035685898e
- SHA256
  
  387cf390c3c472cd5eefe6ce3fb01b188f67533f5540e421e0f02fb845fc526e
- SHA512
  
  aee33e579a852b845425e65e421c58cce2eebe901257ed89de680d22428e1f378d1b1e9d73d3177221e08759fc0cb60ab54efd62c4fa7c083935f4c9dd236457
- SSDEEP
  
  6144:5PSNuYdK79U8rHjZZB6j8ZRgmHPrT2qlAfq9KbN:lsdKp9rHjZ+8ZWmHPuAKQK
Score

10^/10

smokeloader pub5 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoordiscoverytrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan