smokeloader | 8a517dbbe4d1e4f5bc7f96e862589faf84d0ebb334cce650aa79d8d879b2e15f | Triage

Sharing

General

Target

8a517dbbe4d1e4f5bc7f96e862589faf84d0ebb334cce650aa79d8d879b2e15f
Size

231KB
Sample

241111-bj662sylcw
MD5

45f500dfc27107e7458ca8ab1b126ddd
SHA1

d65a485e8df155d8e1a48e7b1842b13e8b39be63
SHA256

8a517dbbe4d1e4f5bc7f96e862589faf84d0ebb334cce650aa79d8d879b2e15f
SHA512

a1a2afaa85bbaf662c427b4c6fea60655b37c57847310269974a0faa9a5ef0d3f60f8b137701334c50c1a71e989dab84b9a3cc523865b6e4a862e2c098f1a110
SSDEEP

6144:jBgZIc8u/RgZI6GmmiWCyjuVy/gHq7DZrwVfEz:FgZIB0StrWZrn1f

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  8a517dbbe4d1e4f5bc7f96e862589faf84d0ebb334cce650aa79d8d879b2e15f
- Size
  
  231KB
- MD5
  
  45f500dfc27107e7458ca8ab1b126ddd
- SHA1
  
  d65a485e8df155d8e1a48e7b1842b13e8b39be63
- SHA256
  
  8a517dbbe4d1e4f5bc7f96e862589faf84d0ebb334cce650aa79d8d879b2e15f
- SHA512
  
  a1a2afaa85bbaf662c427b4c6fea60655b37c57847310269974a0faa9a5ef0d3f60f8b137701334c50c1a71e989dab84b9a3cc523865b6e4a862e2c098f1a110
- SSDEEP
  
  6144:jBgZIc8u/RgZI6GmmiWCyjuVy/gHq7DZrwVfEz:FgZIB0StrWZrn1f
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan