smokeloader | 7b4767c68814d9290328bcebf0b5563318229e714faefba8078486ad82dc46ee | Triage

Sharing

General

Target

7b4767c68814d9290328bcebf0b5563318229e714faefba8078486ad82dc46ee
Size

154KB
Sample

241215-ra312awnat
MD5

17720222d65d88a1462130cf86fbb300
SHA1

16cfd8e12eb3caa2f36c1993a58f457c37fa7ad9
SHA256

7b4767c68814d9290328bcebf0b5563318229e714faefba8078486ad82dc46ee
SHA512

5c59e93d411e9e74326ecc79d82a2c5ed5eaa8bfa6b62a768bf19d94ec3028e686dcd20dd22d368003145f2f7fe502f95a740d769ca3144a0cca7fec91723444
SSDEEP

3072:mzRHshR7PCUUjAKLUPrJMubdeQAedREqDmhGVEXL85Oyvaczh:mJA6FjAKLUPrJ+e7pw857fN

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  6b15cfb4acd1e77c3138151d6ce6b9e242737aa445a7dad386d505e69b3d4fb1
- Size
  
  235KB
- MD5
  
  e04d988822db09d0e81e9f8c7eaad9eb
- SHA1
  
  0ef8f4636abfa2fb36206039f35bedbfe779e9a9
- SHA256
  
  6b15cfb4acd1e77c3138151d6ce6b9e242737aa445a7dad386d505e69b3d4fb1
- SHA512
  
  ce617982cb96cbc2f041b7d9c2d219306363e94e669ab01e39ecaa6f72b2c3ff073f3438dca7f5c214f1e7a4b7f67d648de0a05e9bfb1edb8e282cda76d801ee
- SSDEEP
  
  6144:vJyLBt6myGPjz4zH9+kTLNKTUrv9T2lhe6:vEvrNrcD9714
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan