smokeloader | c35efcd0250efabbbc2f60389d78234385e2af7defe42cac169021de4d0bdc3f | Triage

Sharing

General

Target

c35efcd0250efabbbc2f60389d78234385e2af7defe42cac169021de4d0bdc3f
Size

273KB
Sample

241109-vnp8wa1nbr
MD5

32a218ad6ce67b809db395fd471067d4
SHA1

d99a85954fe667e360cb9ad5a818e48459f039ea
SHA256

c35efcd0250efabbbc2f60389d78234385e2af7defe42cac169021de4d0bdc3f
SHA512

efc9a25111ae0870c4fb0fed78909173cfd74aa5582425906a676d021061626eccc2c62908e73ef7a40476d4174eb12cda4ea3c728f5581cdd30009219cd8188
SSDEEP

6144:oxyKApofEJjc7UlXneo/T349/mQ8NycU2s+uIqf7:oypofEJjc7kecb45z8NycU2C

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  c35efcd0250efabbbc2f60389d78234385e2af7defe42cac169021de4d0bdc3f
- Size
  
  273KB
- MD5
  
  32a218ad6ce67b809db395fd471067d4
- SHA1
  
  d99a85954fe667e360cb9ad5a818e48459f039ea
- SHA256
  
  c35efcd0250efabbbc2f60389d78234385e2af7defe42cac169021de4d0bdc3f
- SHA512
  
  efc9a25111ae0870c4fb0fed78909173cfd74aa5582425906a676d021061626eccc2c62908e73ef7a40476d4174eb12cda4ea3c728f5581cdd30009219cd8188
- SSDEEP
  
  6144:oxyKApofEJjc7UlXneo/T349/mQ8NycU2s+uIqf7:oypofEJjc7kecb45z8NycU2C
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan