smokeloader | 2ac0e22f00d606bdcb2595cd5fe9c6a7427596b2e31c3e6e306306e46516424a | Triage

Sharing

General

Target

2ac0e22f00d606bdcb2595cd5fe9c6a7427596b2e31c3e6e306306e46516424aN
Size

251KB
Sample

241110-29cy1awqcs
MD5

4d0758b10e48fb5ac58a3b492a0814d0
SHA1

8ef4f7e29ba096e4061ac06c30df2ca942bdc03a
SHA256

2ac0e22f00d606bdcb2595cd5fe9c6a7427596b2e31c3e6e306306e46516424a
SHA512

f36a7a7e53ee5dda53f8df559b56b29c7a8238c1ca061ef907a992a0cf6015ca51ba413b00034c88cd6118ad7252a8bf546692b8d08113a6dd7bc69216412ff6
SSDEEP

3072:eO/w0JkkDmQO7vB5YZzknf/STgRWfI5dp4zulW:puvY2nf/I6E8

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  2ac0e22f00d606bdcb2595cd5fe9c6a7427596b2e31c3e6e306306e46516424aN
- Size
  
  251KB
- MD5
  
  4d0758b10e48fb5ac58a3b492a0814d0
- SHA1
  
  8ef4f7e29ba096e4061ac06c30df2ca942bdc03a
- SHA256
  
  2ac0e22f00d606bdcb2595cd5fe9c6a7427596b2e31c3e6e306306e46516424a
- SHA512
  
  f36a7a7e53ee5dda53f8df559b56b29c7a8238c1ca061ef907a992a0cf6015ca51ba413b00034c88cd6118ad7252a8bf546692b8d08113a6dd7bc69216412ff6
- SSDEEP
  
  3072:eO/w0JkkDmQO7vB5YZzknf/STgRWfI5dp4zulW:puvY2nf/I6E8
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan