smokeloader | 9748f0efb53ebdbc9ae4aadc645184797ed217eacd7bb22e38c55fd14ee335d9 | Triage

Sharing

General

Target

8ac5b13888a1efe2c947b44ed11fcdbae0572992
Size

139KB
Sample

241111-gqznfaxpgk
MD5

9197e42cbdc3e3f393d2749dc57b8045
SHA1

8ac5b13888a1efe2c947b44ed11fcdbae0572992
SHA256

9748f0efb53ebdbc9ae4aadc645184797ed217eacd7bb22e38c55fd14ee335d9
SHA512

1cb02bea25b8ad904e3ecd411523c47c6497a69f036a88bddf3f1242c3be1500b4b5c515af772f794801348a1f22c3fffa0fca380262100c9414e07e75917db7
SSDEEP

3072:k6OORJrz6XGvUV6ZuBCSRCm5pGwti/hLcPL4T6M8Xy5F+zl:7Jn6XGvUV6Zu715pltiVOM6z

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  485186c8c0a62e127ebf49aef58cdecc1e3ea5525aaad646f298bf2c4b0a9d77
- Size
  
  242KB
- MD5
  
  342b30d11e3788a4257efc71ed29eac5
- SHA1
  
  982e0f055acc9ae71588ff92e2d4d134abb09426
- SHA256
  
  485186c8c0a62e127ebf49aef58cdecc1e3ea5525aaad646f298bf2c4b0a9d77
- SHA512
  
  a190f5515fc5de4ca56d23fc05a05a2ae9d8194d79caded587ebbd008cbb23dfcc0a15f197f0e0027762834d1b73403b5c4a4af93879ca2bee321b9f544c0210
- SSDEEP
  
  6144:4hVpc6JXRo+pbv9/HAtjNZk/oQvGiVO6Yor8y:iVpc6o+pbvOxNZk/ZvGz6Yop
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan