smokeloader | dc33fb86e1dde312b873b482b78b01918dc85898c5bfd089149349e97addb399 | Triage

Sharing

General

Target

dc33fb86e1dde312b873b482b78b01918dc85898c5bfd089149349e97addb399
Size

259KB
Sample

241215-rb5agsyjgj
MD5

8b686668e84746a42b70bfc37669f200
SHA1

b6e72dbfee5c427b047a851f3aa9893b1b62a9e6
SHA256

dc33fb86e1dde312b873b482b78b01918dc85898c5bfd089149349e97addb399
SHA512

87d25a00449304e1454681c470c33eacec70651e184923e53b0a7d9c149c54a5698fd009874843f48beb3e2972f88b9d1567b69fec6ae3c6f3b6600b1eec1959
SSDEEP

3072:AZXO4l+Hy3L91iAEy2cG5dVZ5uro1mtLUCVu7fxVD9shOjMSSMaORMmY9M/h3CU7:A9qH8L913235d8VLl6ff9shivn6mwJ

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  dc33fb86e1dde312b873b482b78b01918dc85898c5bfd089149349e97addb399
- Size
  
  259KB
- MD5
  
  8b686668e84746a42b70bfc37669f200
- SHA1
  
  b6e72dbfee5c427b047a851f3aa9893b1b62a9e6
- SHA256
  
  dc33fb86e1dde312b873b482b78b01918dc85898c5bfd089149349e97addb399
- SHA512
  
  87d25a00449304e1454681c470c33eacec70651e184923e53b0a7d9c149c54a5698fd009874843f48beb3e2972f88b9d1567b69fec6ae3c6f3b6600b1eec1959
- SSDEEP
  
  3072:AZXO4l+Hy3L91iAEy2cG5dVZ5uro1mtLUCVu7fxVD9shOjMSSMaORMmY9M/h3CU7:A9qH8L913235d8VLl6ff9shivn6mwJ
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan