smokeloader | 21b5c4b262bc1828f17180c928c01de065d4c0d4725beebd300a31ba3e9b3dd3 | Triage

Sharing

General

Target

f74e5b472685b5f569d2cf5bdfc5d34572f1b3d2
Size

141KB
Sample

241108-mn1evatkal
MD5

3638ae261332af2ed78206d2b17c708a
SHA1

f74e5b472685b5f569d2cf5bdfc5d34572f1b3d2
SHA256

21b5c4b262bc1828f17180c928c01de065d4c0d4725beebd300a31ba3e9b3dd3
SHA512

06f262ae3066fcc6d8f92412a08f3f949e0c9fe06221db9e0e50b2a4730bedb588533d9a34ce3548c7a68146eb7d1bfbd61ad5037a9f605dacf1ef43c4acabbc
SSDEEP

3072:Fhj5aS6CLiP9XWcTjXbWcHLo8TIDrpFeUIEBADKYEEmnd8n3ZjnFyJeNHfs/g:XV+VDjXjH/k/pFeUIEBA+ziFxKo

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  a948708e60fe0c202fb4b6e56f5a5d0a3b0a96ed27f8015b5a6d9991841fb3f4
- Size
  
  244KB
- MD5
  
  ccef69673bfacc50e52be235c37e7f77
- SHA1
  
  159ecf054d4622bcfdf4885b0cbfee182c6cf1e9
- SHA256
  
  a948708e60fe0c202fb4b6e56f5a5d0a3b0a96ed27f8015b5a6d9991841fb3f4
- SHA512
  
  922c79fa26d5fc0e77f6afed86dd1085c7e4045f65db9eb3f748f537f6ad0963746a3fd217ef2325cea93f8db1db6e10100d1f565cb04042e6cfa8df407f1688
- SSDEEP
  
  3072:W7C/lKw6yl7YrMAVQnzqn6tmV4V5OSLS3eet4ckBFXs4+WJ3N5rIQMafKYEEmndd:ld7YrMAIzq6J5OmSuet0XXzSziF75
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan