smokeloader | b77d1ea80aff7517c3658e7a2a2aa7488ed83c516606c7a289e83a05a126a6bb | Triage

Sharing

General

Target

b77d1ea80aff7517c3658e7a2a2aa7488ed83c516606c7a289e83a05a126a6bb
Size

105KB
Sample

241215-rz8yksxlaw
MD5

e2340debcadc3ce922b1dc7301e1d489
SHA1

b798ef185312817e6bb051689d1396c39d65b8fb
SHA256

b77d1ea80aff7517c3658e7a2a2aa7488ed83c516606c7a289e83a05a126a6bb
SHA512

b2b7b32edaf051c08af12da021ca5a01de0d21e73a267150dc73677473e8410ef25642ff3a58538f29fe87813636e14560b23cdbcca956900366f482b408afe5
SSDEEP

1536:YaOTKFIhU/cpF9tuxuDyA+GLIPZfajPCykp1Chautw1s1GRT3wbA4WJmd9V9:rFX0pgAiBZKPUCha0wmoTgbhWK9

Score

10^/10

smokeloader pub2 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  d6f2aeb3fb9194702b80d88ec2e7158616ce7b1b2be4398202dd6ff1c3deb2bc.exe
- Size
  
  153KB
- MD5
  
  bf029213943aacd6cea5b06f25a60f2f
- SHA1
  
  c9ebad81c6cc7d5d8e21d9581a6586cc1fe22a41
- SHA256
  
  d6f2aeb3fb9194702b80d88ec2e7158616ce7b1b2be4398202dd6ff1c3deb2bc
- SHA512
  
  c442b8101795cfd0275a99152ea21d9cc67ad175f5e50c1f41a3dbe06d923a40f9290110e9cd674fe76e55a7580937efba58a12e909d2445d59f5ceea1d2d361
- SSDEEP
  
  3072:u8eLlSSgq5VcC7f4Ir6NMjOeoOjFnJE2jv:2LlSSZ/ryqOeppnJE
Score

10^/10

smokeloader pub2 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoordiscoverytrojan