smokeloader | fcd5108f0532d742e5f0d658075a37c85b3c930c233b7ed62a0651af6490087f | Triage

Sharing

General

Target

fcd5108f0532d742e5f0d658075a37c85b3c930c233b7ed62a0651af6490087f
Size

263KB
Sample

220125-td9dbsadcj
MD5

f1b7c56664118bb64f20bca95feef924
SHA1

dd06ebdf274c4957842a88adc17bd435934d2e95
SHA256

fcd5108f0532d742e5f0d658075a37c85b3c930c233b7ed62a0651af6490087f
SHA512

72e493e3981c9aa87dcf6e5f9674b88c58926aef05a1bcc4c3dd33d2b5689ca9d84a0aa89f5dd623c3c8e6563e2b7e7999119ec30d277e103ab727de636adcc9

Score

10^/10

smokeloader backdoor trojan

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

https://oakland-studio.video/search.php

https://seattle-university.video/search.php

rc4.i32

rc4.i32

Targets

- Target
  
  fcd5108f0532d742e5f0d658075a37c85b3c930c233b7ed62a0651af6490087f
- Size
  
  263KB
- MD5
  
  f1b7c56664118bb64f20bca95feef924
- SHA1
  
  dd06ebdf274c4957842a88adc17bd435934d2e95
- SHA256
  
  fcd5108f0532d742e5f0d658075a37c85b3c930c233b7ed62a0651af6490087f
- SHA512
  
  72e493e3981c9aa87dcf6e5f9674b88c58926aef05a1bcc4c3dd33d2b5689ca9d84a0aa89f5dd623c3c8e6563e2b7e7999119ec30d277e103ab727de636adcc9
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan