smokeloader | e73fa85ba78d494620181445c35d5d32f79fd73c00cf8cd45f0f82786336ba83 | Triage

Sharing

General

Target

e73fa85ba78d494620181445c35d5d32f79fd73c00cf8cd45f0f82786336ba83
Size

267KB
Sample

241215-qylk8axnaq
MD5

31ecb45d5d2b4840f80ff613a1f52944
SHA1

21b0aa050d0f3ac6a5a3f796d8a619d5d7857451
SHA256

e73fa85ba78d494620181445c35d5d32f79fd73c00cf8cd45f0f82786336ba83
SHA512

d91a035f9916b85f1762e3c2109f32f938cb8e5d32350d19653d464bfb58156e569f1cdbc88c25e85f6b7ec7ee927bf1a6c09f261eab5d3f6210e973b00fa96f
SSDEEP

3072:13XODHCGTLLgPQYLx3GF8c50oSt+QvbnB8Sp9YLmGqUPycM/h3Q:90H7TLLglx2FWd/bB8shUPJ

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  e73fa85ba78d494620181445c35d5d32f79fd73c00cf8cd45f0f82786336ba83
- Size
  
  267KB
- MD5
  
  31ecb45d5d2b4840f80ff613a1f52944
- SHA1
  
  21b0aa050d0f3ac6a5a3f796d8a619d5d7857451
- SHA256
  
  e73fa85ba78d494620181445c35d5d32f79fd73c00cf8cd45f0f82786336ba83
- SHA512
  
  d91a035f9916b85f1762e3c2109f32f938cb8e5d32350d19653d464bfb58156e569f1cdbc88c25e85f6b7ec7ee927bf1a6c09f261eab5d3f6210e973b00fa96f
- SSDEEP
  
  3072:13XODHCGTLLgPQYLx3GF8c50oSt+QvbnB8Sp9YLmGqUPycM/h3Q:90H7TLLglx2FWd/bB8shUPJ
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan