smokeloader | 64e600221b25ddede9ed87c0b07d0341ec24aea839e7580c7a05d93d5ef06c8a | Triage

Submit
Reports

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

64e600221b25ddede9ed87c0b07d0341ec24aea839e7580c7a05d93d5ef06c8a
Size

277KB
Sample

240628-ykqa9azgkf
MD5

1e5984fbd5aa466b78bfc49cac2163f7
SHA1

1bc35633bf01a82dbc3d8e5e0ebb9b548072cf69
SHA256

64e600221b25ddede9ed87c0b07d0341ec24aea839e7580c7a05d93d5ef06c8a
SHA512

184454da4657265245b1a101eb1296bad5e63c45018740c48eb21db768642604d4357f3e3bd3919fab5832230d4c90ac7e7fb32baa2d3a4dbdd44d0e33e061d0
SSDEEP

3072:F0d+mL2zJu51dqIJLKvKs/iViPjxhqRck+5uge/qNxpXATlTzXmZFqNsyKHm:CsmL2zABsKVi9hKcXbNvqzXmZQL

Score

10^/10

smokeloader pub2 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

64e600221b25ddede9ed87c0b07d0341ec24aea839e7580c7a05d93d5ef06c8a.exe

Resource

win10v2004-20240508-en

smokeloader pub2 backdoor trojan

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

64e600221b25ddede9ed87c0b07d0341ec24aea839e7580c7a05d93d5ef06c8a.exe

Resource

win11-20240611-en

smokeloader pub2 backdoor trojan

windows11-21h2-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  64e600221b25ddede9ed87c0b07d0341ec24aea839e7580c7a05d93d5ef06c8a
- Size
  
  277KB
- MD5
  
  1e5984fbd5aa466b78bfc49cac2163f7
- SHA1
  
  1bc35633bf01a82dbc3d8e5e0ebb9b548072cf69
- SHA256
  
  64e600221b25ddede9ed87c0b07d0341ec24aea839e7580c7a05d93d5ef06c8a
- SHA512
  
  184454da4657265245b1a101eb1296bad5e63c45018740c48eb21db768642604d4357f3e3bd3919fab5832230d4c90ac7e7fb32baa2d3a4dbdd44d0e33e061d0
- SSDEEP
  
  3072:F0d+mL2zJu51dqIJLKvKs/iViPjxhqRck+5uge/qNxpXATlTzXmZFqNsyKHm:CsmL2zABsKVi9hKcXbNvqzXmZQL
Score

10^/10

smokeloader pub2 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub2backdoortrojan

behavioral2

smokeloaderpub2backdoortrojan

© 2018-2024

Terms | Privacy