smokeloader | 1f7f9f44ed8df4a858f5a9b931450fdfc40d484a411cbad067e402a3e9090527 | Triage

Sharing

General

Target

1f7f9f44ed8df4a858f5a9b931450fdfc40d484a411cbad067e402a3e9090527
Size

154KB
Sample

241215-qxndesxmgj
MD5

156a368f544d118a491ea9d91792e149
SHA1

0b98de046e5138f075eee858e9139e9f5acb9f34
SHA256

1f7f9f44ed8df4a858f5a9b931450fdfc40d484a411cbad067e402a3e9090527
SHA512

ad49248b6059a6d99a226bf6db707c970b0e9bc8b3272c798c5d20b0fa7288c4e33283db716b2d8f896e899d1ee166410890b6079e58594dfbeb8a131d5b071a
SSDEEP

3072:/zRHshR7PCUUjAKLUPrJMubdeQAedREqDmhGVEXL85OyvaczM:/JA6FjAKLUPrJ+e7pw857fw

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  6b15cfb4acd1e77c3138151d6ce6b9e242737aa445a7dad386d505e69b3d4fb1
- Size
  
  235KB
- MD5
  
  e04d988822db09d0e81e9f8c7eaad9eb
- SHA1
  
  0ef8f4636abfa2fb36206039f35bedbfe779e9a9
- SHA256
  
  6b15cfb4acd1e77c3138151d6ce6b9e242737aa445a7dad386d505e69b3d4fb1
- SHA512
  
  ce617982cb96cbc2f041b7d9c2d219306363e94e669ab01e39ecaa6f72b2c3ff073f3438dca7f5c214f1e7a4b7f67d648de0a05e9bfb1edb8e282cda76d801ee
- SSDEEP
  
  6144:vJyLBt6myGPjz4zH9+kTLNKTUrv9T2lhe6:vEvrNrcD9714
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan