smokeloader | 331a63a8cd8d01266cd60da163ecf4c32e6e1ec8b7fa970d78e70dce4dc5bbb6 | Triage

Sharing

General

Target

331a63a8cd8d01266cd60da163ecf4c32e6e1ec8b7fa970d78e70dce4dc5bbb6
Size

335KB
Sample

241215-rbed3awnbx
MD5

9415c07b8dbc1f04ff4cf1206f4cccd0
SHA1

f9ce63d9dd830567d977cacff035a3770546abce
SHA256

331a63a8cd8d01266cd60da163ecf4c32e6e1ec8b7fa970d78e70dce4dc5bbb6
SHA512

3a41620a6e853153dc915265761588a1889bcb659a4aab9210d6778383bb5e23a4ac5df06d608ad5bb5c2009d3dab2a2810191917ceff446bd03da5ee3c4b2df
SSDEEP

6144:ypWILHzexWg9GjKMj7AuJMn4UhVsPwbh+3oQ9gOU+fzYBb6:ALqwgOTkAa4tPl9gT6

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  331a63a8cd8d01266cd60da163ecf4c32e6e1ec8b7fa970d78e70dce4dc5bbb6
- Size
  
  335KB
- MD5
  
  9415c07b8dbc1f04ff4cf1206f4cccd0
- SHA1
  
  f9ce63d9dd830567d977cacff035a3770546abce
- SHA256
  
  331a63a8cd8d01266cd60da163ecf4c32e6e1ec8b7fa970d78e70dce4dc5bbb6
- SHA512
  
  3a41620a6e853153dc915265761588a1889bcb659a4aab9210d6778383bb5e23a4ac5df06d608ad5bb5c2009d3dab2a2810191917ceff446bd03da5ee3c4b2df
- SSDEEP
  
  6144:ypWILHzexWg9GjKMj7AuJMn4UhVsPwbh+3oQ9gOU+fzYBb6:ALqwgOTkAa4tPl9gT6
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan