smokeloader | abecca8f3dab5794afb52b415cdb40df1abf187f43de055e60d28e40f76f5023 | Triage

Sharing

General

Target

abecca8f3dab5794afb52b415cdb40df1abf187f43de055e60d28e40f76f5023
Size

218KB
Sample

241109-gf4jmsygkk
MD5

b087220df34c6490109550c12be086bb
SHA1

eb9f919a996de853faadb28b85935734ab5e862f
SHA256

abecca8f3dab5794afb52b415cdb40df1abf187f43de055e60d28e40f76f5023
SHA512

07fc412fcc04b88cdc21710c9f8cfba52bce27140004aaa5cf2e7118e2d3302273ce12711d046f4f0d07506515482b840fd4fc6fe1725ae9cd3ea80cbc7a4976
SSDEEP

3072:vsJ1sU+Zfsl0Z7COrUO00rDAkjErkNQ0QhvD2nwOq+WJfM/h3isxkgaBCh:0JGU20l0Zv3DlSkGPhvD2nwL+ifeiga

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  abecca8f3dab5794afb52b415cdb40df1abf187f43de055e60d28e40f76f5023
- Size
  
  218KB
- MD5
  
  b087220df34c6490109550c12be086bb
- SHA1
  
  eb9f919a996de853faadb28b85935734ab5e862f
- SHA256
  
  abecca8f3dab5794afb52b415cdb40df1abf187f43de055e60d28e40f76f5023
- SHA512
  
  07fc412fcc04b88cdc21710c9f8cfba52bce27140004aaa5cf2e7118e2d3302273ce12711d046f4f0d07506515482b840fd4fc6fe1725ae9cd3ea80cbc7a4976
- SSDEEP
  
  3072:vsJ1sU+Zfsl0Z7COrUO00rDAkjErkNQ0QhvD2nwOq+WJfM/h3isxkgaBCh:0JGU20l0Zv3DlSkGPhvD2nwL+ifeiga
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan