smokeloader | dc01209e1da385103d7a5f9e993b1e079bedfdb6d4df02165724fee01962bb5f | Triage

Submit
Reports

Overview

overview

Static

static

3

dc01209e1d...5f.exe

windows7-x64

dc01209e1d...5f.exe

windows10-2004-x64

Sharing

General

Target

dc01209e1da385103d7a5f9e993b1e079bedfdb6d4df02165724fee01962bb5f.exe
Size

311KB
Sample

240628-camlqavcre
MD5

4dccbf41f0e18a74c12363f7df4b42f4
SHA1

ed45004bdc194a163ae65d276a77e2f29a5087ca
SHA256

dc01209e1da385103d7a5f9e993b1e079bedfdb6d4df02165724fee01962bb5f
SHA512

7f7ccf8c89dce3752021c390b5248030b159886e2865f20382a9679f46f46e1efa0ccdbb7457755caf3bfc30d9efb8c4d343b90f35535781c51d0a0ff7c5c18e
SSDEEP

3072:6C406L974BzV04SWUgjjN9ij5b+q5kcr/56QQMZ2eD32YRcQTTeABNY:6Cd6L9MtK4Ts5Kq5kcrXQMT32wTK

Score

10^/10

smokeloader pub2 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dc01209e1da385103d7a5f9e993b1e079bedfdb6d4df02165724fee01962bb5f.exe

Resource

win7-20240508-en

smokeloader pub2 backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

dc01209e1da385103d7a5f9e993b1e079bedfdb6d4df02165724fee01962bb5f.exe

Resource

win10v2004-20240611-en

smokeloader pub2 backdoor trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  dc01209e1da385103d7a5f9e993b1e079bedfdb6d4df02165724fee01962bb5f.exe
- Size
  
  311KB
- MD5
  
  4dccbf41f0e18a74c12363f7df4b42f4
- SHA1
  
  ed45004bdc194a163ae65d276a77e2f29a5087ca
- SHA256
  
  dc01209e1da385103d7a5f9e993b1e079bedfdb6d4df02165724fee01962bb5f
- SHA512
  
  7f7ccf8c89dce3752021c390b5248030b159886e2865f20382a9679f46f46e1efa0ccdbb7457755caf3bfc30d9efb8c4d343b90f35535781c51d0a0ff7c5c18e
- SSDEEP
  
  3072:6C406L974BzV04SWUgjjN9ij5b+q5kcr/56QQMZ2eD32YRcQTTeABNY:6Cd6L9MtK4Ts5Kq5kcrXQMT32wTK
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoortrojan

© 2018-2024

Terms | Privacy