smokeloader | 12b2a34db1f822c089218f1b46c1870462a0afb65ff0364e0f0ba043e93c1e5a | Triage

Sharing

General

Target

12b2a34db1f822c089218f1b46c1870462a0afb65ff0364e0f0ba043e93c1e5a
Size

29KB
Sample

241109-gsr2dasjeq
MD5

a7732204d9c883a4373c8b615c97de43
SHA1

017de30fc0647908eb8dd532982ce6644fb13e59
SHA256

12b2a34db1f822c089218f1b46c1870462a0afb65ff0364e0f0ba043e93c1e5a
SHA512

36f39ecbb0f771420575d3e753911b7a60777d630c70b87947a1981d019b2c8dd1c76d9fe19aaf4c08465da5de47a83aa5f780b15d95e098043ace8c2e6b9276
SSDEEP

768:a5uPwUDiUmbMia7jjXe+yOyddsQCrBwD7:a5uIFUmbJa7jwFCrB

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  12b2a34db1f822c089218f1b46c1870462a0afb65ff0364e0f0ba043e93c1e5a
- Size
  
  29KB
- MD5
  
  a7732204d9c883a4373c8b615c97de43
- SHA1
  
  017de30fc0647908eb8dd532982ce6644fb13e59
- SHA256
  
  12b2a34db1f822c089218f1b46c1870462a0afb65ff0364e0f0ba043e93c1e5a
- SHA512
  
  36f39ecbb0f771420575d3e753911b7a60777d630c70b87947a1981d019b2c8dd1c76d9fe19aaf4c08465da5de47a83aa5f780b15d95e098043ace8c2e6b9276
- SSDEEP
  
  768:a5uPwUDiUmbMia7jjXe+yOyddsQCrBwD7:a5uIFUmbJa7jwFCrB
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan