smokeloader | cf279fcb95f899fc53d26d9463417ef26a03c8d9f03f4c4fd746302f0a0f2cbc | Triage

Sharing

General

Target

cf279fcb95f899fc53d26d9463417ef26a03c8d9f03f4c4fd746302f0a0f2cbc
Size

228KB
Sample

241215-ras6tswmhs
MD5

cb726308f104e0dd3409416f3f569568
SHA1

ed9689748a482e4b04a9e0b3d25adb6b686c32e7
SHA256

cf279fcb95f899fc53d26d9463417ef26a03c8d9f03f4c4fd746302f0a0f2cbc
SHA512

b3ebe1b4f6333d03e45feca1a30d7aedadb6828c8e001d0c9cd98f37fa90d2f0234c71d8501387a8f9b17df0dbdb8ebd41481221a2f72ac29fb2f5872f77c6d6
SSDEEP

3072:sn3lbwyAQufrWRa4FI/L9SiTWS2G6F7cewNrWlO+xvCMyn0gdvJ:snlLuCQLMiT7ogNgOIvCMy0

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  cf279fcb95f899fc53d26d9463417ef26a03c8d9f03f4c4fd746302f0a0f2cbc
- Size
  
  228KB
- MD5
  
  cb726308f104e0dd3409416f3f569568
- SHA1
  
  ed9689748a482e4b04a9e0b3d25adb6b686c32e7
- SHA256
  
  cf279fcb95f899fc53d26d9463417ef26a03c8d9f03f4c4fd746302f0a0f2cbc
- SHA512
  
  b3ebe1b4f6333d03e45feca1a30d7aedadb6828c8e001d0c9cd98f37fa90d2f0234c71d8501387a8f9b17df0dbdb8ebd41481221a2f72ac29fb2f5872f77c6d6
- SSDEEP
  
  3072:sn3lbwyAQufrWRa4FI/L9SiTWS2G6F7cewNrWlO+xvCMyn0gdvJ:snlLuCQLMiT7ogNgOIvCMy0
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan