smokeloader | 5fce027a647cc4ce87e15cd96b3531d61e008e79221cf1de01287021f05e2a5d | Triage

Sharing

General

Target

5fce027a647cc4ce87e15cd96b3531d61e008e79221cf1de01287021f05e2a5d
Size

206KB
Sample

241215-rdlwxsykcr
MD5

915a9d6dd240422e41c99175d3f8a375
SHA1

de6a1ab0ed7403e58a1e4ddf5efabf076320bde4
SHA256

5fce027a647cc4ce87e15cd96b3531d61e008e79221cf1de01287021f05e2a5d
SHA512

a13aeeccfdd59e40f87744d6265292f46a28694f9cd26bb0a3d7207dcf491959fe0ba2d585465ad9d03c225dab7822351d2b2cc0988e6335bbe85763f68fb1a8
SSDEEP

6144:fFr8GBofok1bHyX1heFZU1EwFXGHPEuL+ahe:fLCfoOTyXGQbFMPEic

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  db79d6a667294c81210d9aa4d989f35832e75151863c2d216787028ae673da50
- Size
  
  307KB
- MD5
  
  0abe50c1509136bf62d2184ab439e7a5
- SHA1
  
  722a7e2a0dd66f506ba93d24946b8bf504b100c0
- SHA256
  
  db79d6a667294c81210d9aa4d989f35832e75151863c2d216787028ae673da50
- SHA512
  
  0c232d1eaf68c0099fb499fcd40bb33cd604f0259a71b853c296e00cc468342de95548ccf61d9e904cef5d34fd94defbb43f844e9f50a51517c7c95ab66862c5
- SSDEEP
  
  6144:Gu0FGLnBOUaLPP7S9dW8dsgMF24raEn2E1a:Gu0wTBOU2Pj6EisgM/uUv
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan