smokeloader | 59d828c8924a73f5745f07ed6dcdec593b9dabda26684e023d268158a50332a0 | Triage

Sharing

General

Target

59d828c8924a73f5745f07ed6dcdec593b9dabda26684e023d268158a50332a0
Size

115KB
Sample

241215-rktkcawqhx
MD5

3cd1399b89763d3f6b7778c8db0b0722
SHA1

2fc4a095d950bd4902fb3ba9cd39337bad8d2718
SHA256

59d828c8924a73f5745f07ed6dcdec593b9dabda26684e023d268158a50332a0
SHA512

cfcb7ea9edcb868bac748f240d65916146693a4a996f796d647d1a2bd17dc49fcb80a9a5c65db7e177c1cd2c1c5e7a993c6e1fdf58cfb7b46c0000ceb9516d6d
SSDEEP

1536:oFIS15z5Z9hdV5wNqCjxrEQQgbhYwjw+5/1TJSHIQcsabrd4bgAoUrkAX1174cv7:oFt1DfPPSjGmYwc+Eo1sJbg+kAXGwJpD

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  3cb22da05eb491d982b4d69b7557e52daeaa0e575a13aa390f03e047f474d10f.exe
- Size
  
  173KB
- MD5
  
  ff5038fd739ee30d810f57b078c9b106
- SHA1
  
  d78e81e70051ded98f9ecfeafed14a094862498b
- SHA256
  
  3cb22da05eb491d982b4d69b7557e52daeaa0e575a13aa390f03e047f474d10f
- SHA512
  
  b785e6eee2a6fa6afaf2164d8d76755fb553e686ec8d8dffaa9dbe803da52b5236da610a993f50730ca1b36d0dfc9afdb5cc9de47f561266d668b62024eda307
- SSDEEP
  
  3072:3Al7QFhji6LQ855n/ARbDlNPhC20F1iA2mRZW7nX0W:wOLQ855/YxNPM20zi7WZjW
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan