smokeloader | 3bcc320128d270aa4afb7dc5ffaa1044ed07d95cadb52390375955b2f19ecc4d | Triage

Sharing

General

Target

fb34ae209197ed88b96618b1f700e3bd
Size

230KB
Sample

241109-pbenqatgpn
MD5

fb34ae209197ed88b96618b1f700e3bd
SHA1

2a2ce1777ed26fc798abdb0f0496c3cd52440c06
SHA256

3bcc320128d270aa4afb7dc5ffaa1044ed07d95cadb52390375955b2f19ecc4d
SHA512

b0a240bb9e154dde11e55f6734e194f0d46557b494ba0e0769e939b9995d55282f6eec6b9c690f7584484d53d4593306dafa1e5cbb8ca217c5a622222085597f
SSDEEP

3072:ChsgHA7eIfpHYWGsOeogs8QNlxct/scGUMPOSta5Hju9M/h3qpZa9uD6VdyhkEzW:cdA7v4W6gXQN/wsccta5HirwVfEz

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  fb34ae209197ed88b96618b1f700e3bd
- Size
  
  230KB
- MD5
  
  fb34ae209197ed88b96618b1f700e3bd
- SHA1
  
  2a2ce1777ed26fc798abdb0f0496c3cd52440c06
- SHA256
  
  3bcc320128d270aa4afb7dc5ffaa1044ed07d95cadb52390375955b2f19ecc4d
- SHA512
  
  b0a240bb9e154dde11e55f6734e194f0d46557b494ba0e0769e939b9995d55282f6eec6b9c690f7584484d53d4593306dafa1e5cbb8ca217c5a622222085597f
- SSDEEP
  
  3072:ChsgHA7eIfpHYWGsOeogs8QNlxct/scGUMPOSta5Hju9M/h3qpZa9uD6VdyhkEzW:cdA7v4W6gXQN/wsccta5HirwVfEz
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan