smokeloader | 2209ac45a2c774c32e799ad0bb60d1f0043a081a831121a7c0504af44120361a | Triage

Sharing

General

Target

2209ac45a2c774c32e799ad0bb60d1f0043a081a831121a7c0504af44120361a
Size

142KB
Sample

241215-qxsyxaxmgn
MD5

bf663dc0141370288f35340fbcc816cf
SHA1

56ce438ff99e9740d7aa11bec0ee8ae0dd345020
SHA256

2209ac45a2c774c32e799ad0bb60d1f0043a081a831121a7c0504af44120361a
SHA512

2049259fdb9b525bb77be2fd9f35be8ae7217ebfb19672af4013fe6722c802c6382441eec9479110cf803ce98516f29fbd16b704063c9f085eab7627d2015e8c
SSDEEP

3072:zfSD/WMwI7nA8B8iiTciC1p8spI4iEh7LLUOq/sOhx4U358xeuLP2:z6yHoiTYp8z4VhksO74U3msA2

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  50ad780ff0b6c54567e0735b678f823b3eb5eff1d4f9bc191782ef7b18e5d5fc
- Size
  
  261KB
- MD5
  
  0a4f05d860fccf467a1994cd3c625262
- SHA1
  
  a520aafaa2948b4a543bab634806cd6d75ce3f4b
- SHA256
  
  50ad780ff0b6c54567e0735b678f823b3eb5eff1d4f9bc191782ef7b18e5d5fc
- SHA512
  
  fd4d4ce6dc0373ef5bab579a818bcc699de1011a5f23e1991b4739288b0715c7df8fb2a10ad3aac7ccae8debbeecca6f1a7f0435d7d664314757e85531bbd84f
- SSDEEP
  
  6144:j+pNqxwaDr6Mhi8XK9jAvXPMv8s0osO7lMN3:j+Awa/FE8XK9jAHMv8sHsc
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan