smokeloader | 4eb86fb8eff8665fa5127d27cf9956ad9e91e98f8deb66d8777ce6415549cc22 | Triage

Sharing

General

Target

4eb86fb8eff8665fa5127d27cf9956ad9e91e98f8deb66d8777ce6415549cc22
Size

105KB
Sample

241215-rc2wraykbk
MD5

ee4b2b9b3ea623d5bf59349683c9cf0a
SHA1

48008df9f30a8faa4cf406240ae33b637cde0cb6
SHA256

4eb86fb8eff8665fa5127d27cf9956ad9e91e98f8deb66d8777ce6415549cc22
SHA512

2cf58e586ba70803cb75afde37ecf3b2f5465d3b579aa049a0e307fdd6c88349ba4fff0c86081296790da8d7f454102e9264108452bf8616fc199eb6d43ed3f2
SSDEEP

3072:BSibWWgTByHp6h3EzmlabIRbq3ePgrkXRaKnM6:8ibIV8py3EzNIlyePCKnz

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  79cc5fd3577abf09f56165c654ab9ac9169e5a46320de8f1b5218d1aa319b5d2.exe
- Size
  
  153KB
- MD5
  
  95a3d00395ea53c3d986b78aa53fa6b2
- SHA1
  
  c90bfcc743543c0bd4f769941ba23789522ed5cb
- SHA256
  
  79cc5fd3577abf09f56165c654ab9ac9169e5a46320de8f1b5218d1aa319b5d2
- SHA512
  
  a88ef04a6fa0ce44ba1b7c3e1bb4ee51e772cfd510797458f76091587de42b46ff4786f76f33976c1cdf54800522210d57479154d9e1506bd26d5a0f8db0cfa9
- SSDEEP
  
  1536:mir1LB4ed0LBuuMlzMb8chUADK3S5Vr2n1s9rXxWo1lHCr25oVKUiHV6lrgoJvOD:FzGLLMOn0S5O6HWtFrgoJWpoYjIC
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan