smokeloader | 1658cc46119a0060850e09f244da2671f94825ed795a7e50cb0f6c1a6bd2bf4f | Triage

Sharing

General

Target

eufive_20210923-213446
Size

118KB
Sample

210926-nzgbsaegf4
MD5

e9a66024f69e24e192dc5137b38055be
SHA1

8c02e95e9f0fae73a9c38f3042881bd6cd7d034f
SHA256

1658cc46119a0060850e09f244da2671f94825ed795a7e50cb0f6c1a6bd2bf4f
SHA512

d691a913133cc5b81af167c12cef2a8b46df7ecdf51eb07d9ce805460c126bfc4f671b738d9943d9e46298cda845c0e2c748f7086f1604829011bde1100f014a

Score

10^/10

smokeloader backdoor trojan

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://sokdikksiiefgsdf.cyou/

https://sokdikksiiefgsdf.cyou/

rc4.i32

rc4.i32

Targets

- Target
  
  eufive_20210923-213446
- Size
  
  118KB
- MD5
  
  e9a66024f69e24e192dc5137b38055be
- SHA1
  
  8c02e95e9f0fae73a9c38f3042881bd6cd7d034f
- SHA256
  
  1658cc46119a0060850e09f244da2671f94825ed795a7e50cb0f6c1a6bd2bf4f
- SHA512
  
  d691a913133cc5b81af167c12cef2a8b46df7ecdf51eb07d9ce805460c126bfc4f671b738d9943d9e46298cda845c0e2c748f7086f1604829011bde1100f014a
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan