9c082fbbd7aaddf6eff01b1cc890bd9ed1348cb59278529a25119dbdcc5c1d15.zip

General
Target

9c082fbbd7aaddf6eff01b1cc890bd9ed1348cb59278529a25119dbdcc5c1d15.zip

Size

4MB

Sample

211114-ne7m8sdcap

Score
10/10
MD5

46660d153d0ee415b308d5009e034138

SHA1

757137134856cbf32feb17b5b455567d858bc246

SHA256

572062e3eb28ad5617ec4126da9ced28666019ac948fc4e19896f05aaa0830c1

SHA512

ce59069b6ddd979562bfbc842fa3aa2f8aed818a63d0cac6ce77d6b75f8c86d357306a17ffec6d630a40396f10a4e00a3d1d986f1511a4b58d2cb1a79584b4af

Malware Config

Extracted

Family smokeloader
Version 2020
C2

https://savixtothenation.co.ug/index.php

http://savixtothenation.co.ug/index.php

rc4.i32
rc4.i32
Targets
Target

79ae89733257378139cf3bdce3a30802818ca1a12bb2343e0b9d0f51f8af1f10

MD5

fe1de0acb3aa75f88f61a784288a32d1

Filesize

4MB

Score
10/10
SHA1

d973f591f56c3d53aac4e2da4a3eede185c910d9

SHA256

79ae89733257378139cf3bdce3a30802818ca1a12bb2343e0b9d0f51f8af1f10

SHA512

084770ea021d7d52b50228d1ca6277a9fb5880ae22378c297d24b4bccaca7919a207954350f3257485c010ec0c0cdc6e6548a2508bba1e090647465aa160cf7e

Signatures

  • SmokeLoader

    Description

    Modular backdoor trojan in use since 2014.

  • Executes dropped EXE

  • Loads dropped DLL

MITRE ATT&CK Matrix (tactic columns)

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1

Score 8/10