smokeloader | 74e30957b0bd59fcfbe1fe068caf9d6d441422351a9a3814a3ec92c99f039b6a | Triage

Sharing

General

Target

74e30957b0bd59fcfbe1fe068caf9d6d441422351a9a3814a3ec92c99f039b6a.exe
Size

262KB
Sample

241123-1fwctaxpfs
MD5

91ef7b477011217ad64778807ff6ff27
SHA1

979690ecc64a3c5cc2d355abd716e9e014696c8b
SHA256

74e30957b0bd59fcfbe1fe068caf9d6d441422351a9a3814a3ec92c99f039b6a
SHA512

2c203104af0b6a3141c295fca6a4c093a0dfbf265c48b3d6ee24451be5959dc1af7b9bfb57ab67e076b1c4a0d08ae1c9df0aec26de3b83ddfd619d497d6e2711
SSDEEP

6144:CGyQPi3wLrNqM7I6KAyqX7tNfVXVHQLIiu8cfo0/pWK:CGVPiMrcAKpwZGEX8cA0/MK

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  74e30957b0bd59fcfbe1fe068caf9d6d441422351a9a3814a3ec92c99f039b6a.exe
- Size
  
  262KB
- MD5
  
  91ef7b477011217ad64778807ff6ff27
- SHA1
  
  979690ecc64a3c5cc2d355abd716e9e014696c8b
- SHA256
  
  74e30957b0bd59fcfbe1fe068caf9d6d441422351a9a3814a3ec92c99f039b6a
- SHA512
  
  2c203104af0b6a3141c295fca6a4c093a0dfbf265c48b3d6ee24451be5959dc1af7b9bfb57ab67e076b1c4a0d08ae1c9df0aec26de3b83ddfd619d497d6e2711
- SSDEEP
  
  6144:CGyQPi3wLrNqM7I6KAyqX7tNfVXVHQLIiu8cfo0/pWK:CGVPiMrcAKpwZGEX8cA0/MK
Score

10^/10

smokeloader pub5 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoortrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan