smokeloader

General

Target

5316d624fa17c39ae9c5dc67a28ff096.exe
Size

280KB
Sample

230310-pb3qjsde57
MD5

5316d624fa17c39ae9c5dc67a28ff096
SHA1

c43f9be0406d4a9ca1669eb63df8beff346d4fa3
SHA256

d35fbba821f2a962d48cbfec0b529b50c1c1481b594e819324a574b7a7c8e57d
SHA512

76e055b9779cf04450d8a55633bf74fe17cb0c8dddf08b2933de1cccfd6c29eaf1cb9abd66889058307d649c7986670c4de2ad969b8f91f1ebe0de9bfb12c404
SSDEEP

3072:SZAVKDFYsL91Te4LEo6GYlj6Adfl74LJiWVMHAfH826hBXsptmz:ElLjDfYRNt7iFVMgfP28b+

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  5316d624fa17c39ae9c5dc67a28ff096.exe
- Size
  
  280KB
- MD5
  
  5316d624fa17c39ae9c5dc67a28ff096
- SHA1
  
  c43f9be0406d4a9ca1669eb63df8beff346d4fa3
- SHA256
  
  d35fbba821f2a962d48cbfec0b529b50c1c1481b594e819324a574b7a7c8e57d
- SHA512
  
  76e055b9779cf04450d8a55633bf74fe17cb0c8dddf08b2933de1cccfd6c29eaf1cb9abd66889058307d649c7986670c4de2ad969b8f91f1ebe0de9bfb12c404
- SSDEEP
  
  3072:SZAVKDFYsL91Te4LEo6GYlj6Adfl74LJiWVMHAfH826hBXsptmz:ElLjDfYRNt7iFVMgfP28b+
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2