smokeloader | 3668ad791a0f6a1eae6047cec55548c7fc64ceb4d89e73262695b52e144f3b13 | Triage

Sharing

General

Target

3668ad791a0f6a1eae6047cec55548c7fc64ceb4d89e73262695b52e144f3b13
Size

266KB
Sample

241110-jmw49asje1
MD5

43eb967fce9ffe2d06c1174b0bc416f6
SHA1

6dde42f13384300c122bc396c05f70f2c9f13653
SHA256

3668ad791a0f6a1eae6047cec55548c7fc64ceb4d89e73262695b52e144f3b13
SHA512

a783071f48acf905634c2c60ea9487fbdbb90706dd6884dde32ac980eda3e909e8835bf99b466b72f9fc6f1fa2bc0d93b45c7439cf5f5c6445816733c0cc7b7f
SSDEEP

6144:fDREIYijYDnEWyufE7EvOwN2UUhufKRfXQmpC5s:NEIYbLsufiEvOWYufEfgoC

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  3668ad791a0f6a1eae6047cec55548c7fc64ceb4d89e73262695b52e144f3b13
- Size
  
  266KB
- MD5
  
  43eb967fce9ffe2d06c1174b0bc416f6
- SHA1
  
  6dde42f13384300c122bc396c05f70f2c9f13653
- SHA256
  
  3668ad791a0f6a1eae6047cec55548c7fc64ceb4d89e73262695b52e144f3b13
- SHA512
  
  a783071f48acf905634c2c60ea9487fbdbb90706dd6884dde32ac980eda3e909e8835bf99b466b72f9fc6f1fa2bc0d93b45c7439cf5f5c6445816733c0cc7b7f
- SSDEEP
  
  6144:fDREIYijYDnEWyufE7EvOwN2UUhufKRfXQmpC5s:NEIYbLsufiEvOWYufEfgoC
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan