smokeloader | aa97a7cfedfb3cd9f9563b3889a55c1329f321b921e022e7258048c47b14afc0 | Triage

Sharing

General

Target

aa97a7cfedfb3cd9f9563b3889a55c1329f321b921e022e7258048c47b14afc0
Size

286KB
Sample

241215-qyqvyaxnbl
MD5

8ef6ff9cf6b7234962e475bcb401be68
SHA1

402ee66ce652f966fdeb8e882f9c19219870cb2d
SHA256

aa97a7cfedfb3cd9f9563b3889a55c1329f321b921e022e7258048c47b14afc0
SHA512

a3900adc4fa278bb03447c3b1f85f182d02dd398002230f907633023479bb430dbf382772e5aeae13685820803ff2218a3c98b6af446cf61fd97926a070f3a4b
SSDEEP

3072:DWZpHlglEQHjJkfzxh45EtgOteIRdyCPxQbHeaWK1MQlCpuMJvCu02f+PaE:Dsp6EQHjaLJ5SCJ6+uyQ8guvCuFf+P

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  aa97a7cfedfb3cd9f9563b3889a55c1329f321b921e022e7258048c47b14afc0
- Size
  
  286KB
- MD5
  
  8ef6ff9cf6b7234962e475bcb401be68
- SHA1
  
  402ee66ce652f966fdeb8e882f9c19219870cb2d
- SHA256
  
  aa97a7cfedfb3cd9f9563b3889a55c1329f321b921e022e7258048c47b14afc0
- SHA512
  
  a3900adc4fa278bb03447c3b1f85f182d02dd398002230f907633023479bb430dbf382772e5aeae13685820803ff2218a3c98b6af446cf61fd97926a070f3a4b
- SSDEEP
  
  3072:DWZpHlglEQHjJkfzxh45EtgOteIRdyCPxQbHeaWK1MQlCpuMJvCu02f+PaE:Dsp6EQHjaLJ5SCJ6+uyQ8guvCuFf+P
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan