smokeloader | a5781c401bd27867bf8165eef75a6bbbfac7655d452fc67cabc7bfd03cdf6d29 | Triage

Sharing

General

Target

a5781c401bd27867bf8165eef75a6bbbfac7655d452fc67cabc7bfd03cdf6d29
Size

210KB
Sample

241215-qxjegavrb1
MD5

24ba11f1921204db0b51e7e26471af1c
SHA1

eec71fd3300d80077c6716ae8df5de7ecbe612b5
SHA256

a5781c401bd27867bf8165eef75a6bbbfac7655d452fc67cabc7bfd03cdf6d29
SHA512

6ca18ae72e77e05ff255ff45cb572d5a9d019b7dc65954015c4dc32fa31a834ee7ad405c0914cc65bd0c1cac0bb267b55b27ed5620ff07e7112e7b24c6509a07
SSDEEP

6144:up999sO5v3uaxk1DkKaRUX6PJIljIGXH1h4AeFx:ug9jDnX80jIGXVhQf

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  569116c1bcda3195a5609fa3058953eb8762c9820a9ce87735fcdc60f59e5a70.exe
- Size
  
  315KB
- MD5
  
  211bce21c0bafbb9067146bc60d95372
- SHA1
  
  c93b89a7bed0d3e5e81b7f93ce312867e8d510fc
- SHA256
  
  569116c1bcda3195a5609fa3058953eb8762c9820a9ce87735fcdc60f59e5a70
- SHA512
  
  81433b863bbace76398abda8d38323be013085f187ba8adb26670b176121ecf8674271f8ccb21fe65036910f575d6326902a24b59f374d41ad3cbf8e61d8331d
- SSDEEP
  
  6144:9Kw22LUYQigffivcGlPTl1Wj3jV2AS6GsmG0B2En2E1aJ:9v15QiSak8L2j3jV5GhZ2Uv
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan