smokeloader | 58589a37ad805b35a51cc6910e05fddd69eaebaa52bd09de6fb60b71e0ac3565 | Triage

Sharing

General

Target

58589a37ad805b35a51cc6910e05fddd69eaebaa52bd09de6fb60b71e0ac3565.exe
Size

233KB
Sample

241123-ybmh1asndz
MD5

37af2c2b7a25f9cfe8f82d44d3c06c5a
SHA1

0e9333a59f54e5aa40f5595df25493c73388729a
SHA256

58589a37ad805b35a51cc6910e05fddd69eaebaa52bd09de6fb60b71e0ac3565
SHA512

f290b2775b3f48391912ea8b267c2a0efdcb79335ad2fbce9601af0ec1bb3fbd6678f33c44b4a9a36a342c53955ef22c6eef90d1a8e89279daf87b262fc9cb64
SSDEEP

3072:JGhKikQxIHv9OlnJe6rJsx6+32YSZG6P5VisE/xdqwXIe+CNf4/AWaSkSJu98vdb:VQxIHv9Ox0M5z5VisiYUIADG8elb

Score

10^/10

smokeloader pub5 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub5

Targets

- Target
  
  58589a37ad805b35a51cc6910e05fddd69eaebaa52bd09de6fb60b71e0ac3565.exe
- Size
  
  233KB
- MD5
  
  37af2c2b7a25f9cfe8f82d44d3c06c5a
- SHA1
  
  0e9333a59f54e5aa40f5595df25493c73388729a
- SHA256
  
  58589a37ad805b35a51cc6910e05fddd69eaebaa52bd09de6fb60b71e0ac3565
- SHA512
  
  f290b2775b3f48391912ea8b267c2a0efdcb79335ad2fbce9601af0ec1bb3fbd6678f33c44b4a9a36a342c53955ef22c6eef90d1a8e89279daf87b262fc9cb64
- SSDEEP
  
  3072:JGhKikQxIHv9OlnJe6rJsx6+32YSZG6P5VisE/xdqwXIe+CNf4/AWaSkSJu98vdb:VQxIHv9Ox0M5z5VisiYUIADG8elb
Score

10^/10

smokeloader pub5 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub5backdoortrojan

behavioral2

smokeloaderpub5backdoordiscoverytrojan