smokeloader | 31b518925e54c787135d165b6f6af0872e2b8b5c076c6dc859ee907d33b37521 | Triage

Sharing

General

Target

31b518925e54c787135d165b6f6af0872e2b8b5c076c6dc859ee907d33b37521.exe
Size

268KB
Sample

250116-y2lz6axpgn
MD5

2f3cbfe8ac517a67ebcfdd89b98d64f7
SHA1

1bf4867f69ea90353d228a8a8acb1b81400a3ffc
SHA256

31b518925e54c787135d165b6f6af0872e2b8b5c076c6dc859ee907d33b37521
SHA512

6d7436d6eec6f9387e5d58c17d68e5b44028d7da4c5a228463477fba5d9480667b8456f9b268ff29ea3b8e3c0828462b566315c364e40fee42f1c88efc2131fa
SSDEEP

3072:0L0c6VXaYfrTFtGCKmpBdNrwC5FVzSiVZNW:0Qcurfl9KmpB7ZSiVZg

Score

10^/10

smokeloader pub4 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Targets

- Target
  
  31b518925e54c787135d165b6f6af0872e2b8b5c076c6dc859ee907d33b37521.exe
- Size
  
  268KB
- MD5
  
  2f3cbfe8ac517a67ebcfdd89b98d64f7
- SHA1
  
  1bf4867f69ea90353d228a8a8acb1b81400a3ffc
- SHA256
  
  31b518925e54c787135d165b6f6af0872e2b8b5c076c6dc859ee907d33b37521
- SHA512
  
  6d7436d6eec6f9387e5d58c17d68e5b44028d7da4c5a228463477fba5d9480667b8456f9b268ff29ea3b8e3c0828462b566315c364e40fee42f1c88efc2131fa
- SSDEEP
  
  3072:0L0c6VXaYfrTFtGCKmpBdNrwC5FVzSiVZNW:0Qcurfl9KmpB7ZSiVZg
Score

10^/10

smokeloader pub4 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub4backdoortrojan

behavioral2

smokeloaderpub4backdoordiscoverytrojan