smokeloader

General

Target

9c6e3d830653a68493c3755dec0f8425.bin
Size

168KB
Sample

230319-wp2hzabf5t
MD5

f49da2606c8ce403572c4b4b42379dff
SHA1

13df3ef19f0ed4b16c6ae02434bdd53008c2fd7e
SHA256

13b9683f182cb922f5d7583f65e0bedc12139fc706ffee8e6dc9c27a62e83fc4
SHA512

23e9a4f7091a69677862a5a8b69c031cb376cc9a644c027a0213ebde15977257313bed935c1aa3a0512f2904a0a3f6ca5856476b3c90e893b3c218bc34396587
SSDEEP

3072:w3a/mwfu1VRXHG9PIdq7seWnXmwlHb09/x+3aQfLBwwPRtyBZ0OufVATS:ca/mCkHG9/seeXmgHb095uZBzPTuZ12j

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  c04020e5e9111141155e941bb9c6e22e63cb79f0f707d3261ca35b1d57c2c215.exe
- Size
  
  296KB
- MD5
  
  9c6e3d830653a68493c3755dec0f8425
- SHA1
  
  8caaf93f9f3279c65517f5133751ab37bbf77f58
- SHA256
  
  c04020e5e9111141155e941bb9c6e22e63cb79f0f707d3261ca35b1d57c2c215
- SHA512
  
  8d420296251f67874bc311b52dbad11e6312b9d7794a03fbc1c54472977e9c48be7ccfef916e31aaef2c541fd624154047435f910dbb43686ca6b32859c38c25
- SSDEEP
  
  3072:v00qLg1LgBGrSaG1pLqvnvUuSXLz1GUVvuG/YfQFaI4yhituCuM:cXg1LgwrSb1tUUuhUVGN4FDMu
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2