smokeloader | d887994378a4b8725b228a15b57fa8eace51fa60419f23852685ee7dfab5948a | Triage

Sharing

General

Target

d887994378a4b8725b228a15b57fa8eace51fa60419f23852685ee7dfab5948a
Size

115KB
Sample

241215-rz4nvsxlas
MD5

e089630e4b0ccdd3f8a68b8468774e2e
SHA1

1c26009ffb2ec5b949b5480265d67c18fd505ef8
SHA256

d887994378a4b8725b228a15b57fa8eace51fa60419f23852685ee7dfab5948a
SHA512

c3d06c62976ca9f6c6dabc89d753c6cbddaf61d879ed56ae0b930c4d16b38bb9c87bdf84fad14150d0cd6f9992c7321764dcd8b87332605b6407d7e511c8966c
SSDEEP

3072:cpCyitQSJTkqryzluhOIEudNJjD6JI6bgy0fI:mtLpukQn6UyL

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  16185d5dba15b2f274dda94372c6b15d986117429b8b4c831f7b81220a7de695.exe
- Size
  
  174KB
- MD5
  
  6fc2ae1b1b77c49437ee33234ea19a7a
- SHA1
  
  9364b5830b25c440d4a8f7563b2b2cc6e7b0a6d5
- SHA256
  
  16185d5dba15b2f274dda94372c6b15d986117429b8b4c831f7b81220a7de695
- SHA512
  
  9f62cab0753cef11ff431bfc0213f888dbc2a0e460d7cda9e60605c6d6d2fc78ab56ed02515fb4101221a91bb9262c92184fb3bcdf22046e5b9eec75318b91f9
- SSDEEP
  
  3072:h0lbFhVWGLy5Bul/AR2+NdGcvK1rcGVmkFAHk6F:iHLy5BupcyD99FAHZ
Score

10^/10

smokeloader pub2 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoordiscoverytrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan