smokeloader | f91de67f3052c679e8ff10f6bca0d68e5192c1c59f1d9c614306b359ae40c737 | Triage

Sharing

General

Target

f91de67f3052c679e8ff10f6bca0d68e5192c1c59f1d9c614306b359ae40c737
Size

261KB
Sample

241215-rgnvpaylej
MD5

27a64a198650f7afdc3af57decc6c1a7
SHA1

aebdc361721ca20ee0c153bf574c1eb18fe2ccbd
SHA256

f91de67f3052c679e8ff10f6bca0d68e5192c1c59f1d9c614306b359ae40c737
SHA512

70cf4bac1f8c51e94cf0c24d5dbaaa63d3bd4736dd69da7093baedd3c39c5b83e6f4c3df09976ad8cb7418540f2c45948d814ef12527b39883c5a66974416179
SSDEEP

6144:R/1B9/LLBMh4+j7ym4jVDLWE9CyistrckkZ:7BF3BMZj7ymEvWE8rsttkZ

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  f91de67f3052c679e8ff10f6bca0d68e5192c1c59f1d9c614306b359ae40c737
- Size
  
  261KB
- MD5
  
  27a64a198650f7afdc3af57decc6c1a7
- SHA1
  
  aebdc361721ca20ee0c153bf574c1eb18fe2ccbd
- SHA256
  
  f91de67f3052c679e8ff10f6bca0d68e5192c1c59f1d9c614306b359ae40c737
- SHA512
  
  70cf4bac1f8c51e94cf0c24d5dbaaa63d3bd4736dd69da7093baedd3c39c5b83e6f4c3df09976ad8cb7418540f2c45948d814ef12527b39883c5a66974416179
- SSDEEP
  
  6144:R/1B9/LLBMh4+j7ym4jVDLWE9CyistrckkZ:7BF3BMZj7ymEvWE8rsttkZ
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan