smokeloader | cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8 | Triage

Sharing

General

Target

cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
Size

261KB
Sample

241215-rkjp5symek
MD5

cb51e4547acf43d8e5bc7bc9558002f7
SHA1

98bb8c78391a05cc6455fa3ed99109209d40177e
SHA256

cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
SHA512

2c1bfa4e5b641301fdcee8f8c4e18ab6d68b1f4db74b58f40733c76c7ca2b150fa28f1ac50e217080fae927e82a77342a49f4dedd34b954b9c89075cae10239d
SSDEEP

3072:HXOEdHMvLUSAw/b6G0mj5etF07MMLP7EKWXm7E5dn0yZTcm3MT7oM/h3l:3bH6LUabl0RtHM8vZdnz4m307o

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
- Size
  
  261KB
- MD5
  
  cb51e4547acf43d8e5bc7bc9558002f7
- SHA1
  
  98bb8c78391a05cc6455fa3ed99109209d40177e
- SHA256
  
  cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
- SHA512
  
  2c1bfa4e5b641301fdcee8f8c4e18ab6d68b1f4db74b58f40733c76c7ca2b150fa28f1ac50e217080fae927e82a77342a49f4dedd34b954b9c89075cae10239d
- SSDEEP
  
  3072:HXOEdHMvLUSAw/b6G0mj5etF07MMLP7EKWXm7E5dn0yZTcm3MT7oM/h3l:3bH6LUabl0RtHM8vZdnz4m307o
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan