smokeloader

General

Target

bsd4r.zip
Size

146KB
Sample

210419-6x4yxle3ya
MD5

1a4cf3f9d8466b5dbc4f0ed09c4a054a
SHA1

97367ce9c6311f107afc8ba02785522d4ef78d84
SHA256

eff7107ad5b8ab8d26f40fdfea14e6e48a27b19999d16ab3c3d14728ab2b9450
SHA512

c36d038ae9c126514399b3706fc8bf46f74c432fdcef14f1f163169716545fe4394d8fd0d161c9c7052d2a39d19103b5a283c3fa9b8f626701bd98a9f781ecb9

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://etasuklavish.today/

http://mragyzmachnobesdi.today/

http://kimchinikuzims.today/

http://slacvostinrius.today/

http://straponuliusyn.today/

http://grammmdinss.today/

http://viprasputinsd.chimkent.su/

http://lupadypa.dagestan.su/

http://stoknolimchin.exnet.su/

http://musaroprovadnikov.live/

http://teemforyourexprensiti.life/

http://stolkgolmishutich.termez.su/

http://roompampamgandish.wtf/

rc4.i32

Targets

- Target
  
  bsd4r.exe
- Size
  
  276KB
- MD5
  
  69c1c62895726fedc482d2b2f408f8ce
- SHA1
  
  a6327d2b1e6c0d30681085699aa2290e2e371994
- SHA256
  
  f8f9e464b8f667a85f7095e9ac4ff80a08a96e5c4765d62b18471b1908bb0109
- SHA512
  
  de5ebb736d1dc225ca56218538dfc8d27b61f16caa7ebd6a14ff7534b42cee1edecdde43f70524d96f6ecccf1303fba90cff5109375eb8d273fef9df71027ab6
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

Peripheral Device Discovery

1

T1120

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Deletes itself

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2