smokeloader

General

Target

f401ba46cb09a5608fb61b691fc5517a.exe
Size

295KB
Sample

230318-hqcpcadf21
MD5

f401ba46cb09a5608fb61b691fc5517a
SHA1

2fe9620048baf732d041d32f9c4d1350a6ae1e1b
SHA256

fb592584b36a5a4e9c6c6c22bd271ea4abed2ea6145600229fadc47e8629cccc
SHA512

9a74d814a7be4a6f551bf267e4a2861986ab2356d19763108da4485e26e5789294d3a9fd54947742423b85999055459bcd52fe7abea06bad1ebdba03a9c9ab26
SSDEEP

3072:yD6VwNLpmWIidwWbPIKFfYepVjQ1xUvbFsqcsCjc6N2t9Qr5u:/wNLpvI0bwafYWaabFsZskDFu

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  f401ba46cb09a5608fb61b691fc5517a.exe
- Size
  
  295KB
- MD5
  
  f401ba46cb09a5608fb61b691fc5517a
- SHA1
  
  2fe9620048baf732d041d32f9c4d1350a6ae1e1b
- SHA256
  
  fb592584b36a5a4e9c6c6c22bd271ea4abed2ea6145600229fadc47e8629cccc
- SHA512
  
  9a74d814a7be4a6f551bf267e4a2861986ab2356d19763108da4485e26e5789294d3a9fd54947742423b85999055459bcd52fe7abea06bad1ebdba03a9c9ab26
- SSDEEP
  
  3072:yD6VwNLpmWIidwWbPIKFfYepVjQ1xUvbFsqcsCjc6N2t9Qr5u:/wNLpvI0bwafYWaabFsZskDFu
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2