smokeloader

General

Target

1ec4811e3e49423273f174a796df10f7.bin
Size

168KB
Sample

230319-v512psbe4z
MD5

ad1839156960c02aad14ba547a30f95b
SHA1

1377ad6b1b805316db123ec3f9b9467bffc9825c
SHA256

71c2dd3ba18d34c2611ca0ffb07fe59ace240b26b79c37b1ebfd3412a4060d01
SHA512

8031df10efcaae5769de281c8ed83a17b470be8ee52470bfd3d1cd76f57d793766a1fc7eb9f6bbefe046fde984353d455e80131b71290d5fb4f8c29dba378c7d
SSDEEP

3072:OxFSPPTvf6W6fXwZ4fmvKi4l/+Zl6p5QHi3dH7fy30nGkXW4OXlxRjT6mKDNb1K1:CSXrem/vKJ+mJ3dHby3RkG5XRXVKhjwV

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  1ab7a51b9a0cadfa15ac2ac17b3f02181082cf33837e8d9e74faed52b6324689.exe
- Size
  
  300KB
- MD5
  
  1ec4811e3e49423273f174a796df10f7
- SHA1
  
  0619748930b0b78b83efe2b0decc406a572f8651
- SHA256
  
  1ab7a51b9a0cadfa15ac2ac17b3f02181082cf33837e8d9e74faed52b6324689
- SHA512
  
  dd78b7912954971cf1560a96481a1bc56a0780c710a01666560119ba39d7968f0e6267a249fdad3ee7bf1de99fc27f7d6194e9763eca8d095d274dd2a8d7603b
- SSDEEP
  
  3072:X+cx5EpLNoGdqpWfoaZ6/ahi5kbneWwqeA8S/W9LwtSLm+DpTq2I3wK:X3x5EpLKG8owaA/V+qqeATe9Lwt0mYZ
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2