smokeloader

General

Target

setup.exe
Size

179KB
Sample

230321-b9akrsac7y
MD5

845cdb48c99f7a79ed1a25e74164db60
SHA1

dbeb42a162d2ca279d57d4b06e1f6d38c217d67e
SHA256

e4169cdd8170b82e2d75f368a8740561a533b047de2f4219147453279f176e4b
SHA512

929efa288daeec18cc0c072a072ddc2c0e0aa667cca61dcf850f2d8b9a2b9480da90714023ca8f65d226346be19bb05be3102640c57a7d56a76bea4bf21ef6ce
SSDEEP

3072:nMPgC23s0W6WEd1IOlf2PXqx0lm+lagn1sItZ:zCEsi+PAc9

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  setup.exe
- Size
  
  179KB
- MD5
  
  845cdb48c99f7a79ed1a25e74164db60
- SHA1
  
  dbeb42a162d2ca279d57d4b06e1f6d38c217d67e
- SHA256
  
  e4169cdd8170b82e2d75f368a8740561a533b047de2f4219147453279f176e4b
- SHA512
  
  929efa288daeec18cc0c072a072ddc2c0e0aa667cca61dcf850f2d8b9a2b9480da90714023ca8f65d226346be19bb05be3102640c57a7d56a76bea4bf21ef6ce
- SSDEEP
  
  3072:nMPgC23s0W6WEd1IOlf2PXqx0lm+lagn1sItZ:zCEsi+PAc9
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2