smokeloader | 1a74e51eb6fc1c98488b46a9d72ed4ec471121ace9effe996cc3c7a955bd07d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a74e51eb6fc1c98488b46a9d72ed4ec471121ace9effe996cc3c7a955bd07d6
Size

247KB
Sample

230324-nn8xnaea36
MD5

d96b3a8c6a7a744fea4b9c73b1a1a359
SHA1

3c64f558f52afbaea41df1a535bd6886103b2b16
SHA256

1a74e51eb6fc1c98488b46a9d72ed4ec471121ace9effe996cc3c7a955bd07d6
SHA512

ec3c85cbd1d093317ca01f66b4c938ef213353660a6ab8f354443448b6d76768a2213dd9ba1a54ba1e5578a6dfe2a6ae84ca32e680d3f99f62e4b8d871900022
SSDEEP

3072:yjBOz1zXhC+dLsgTezgfi7Dwb5WP2yPrUXYDAUpAYqV2yIHDtcb16WNObVr:NcavI6iW5iTrUIDAYAYwijtcbMj

Score

10^/10

smokeloader sprg backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

rc4.i32

Targets

- Target
  
  1a74e51eb6fc1c98488b46a9d72ed4ec471121ace9effe996cc3c7a955bd07d6
- Size
  
  247KB
- MD5
  
  d96b3a8c6a7a744fea4b9c73b1a1a359
- SHA1
  
  3c64f558f52afbaea41df1a535bd6886103b2b16
- SHA256
  
  1a74e51eb6fc1c98488b46a9d72ed4ec471121ace9effe996cc3c7a955bd07d6
- SHA512
  
  ec3c85cbd1d093317ca01f66b4c938ef213353660a6ab8f354443448b6d76768a2213dd9ba1a54ba1e5578a6dfe2a6ae84ca32e680d3f99f62e4b8d871900022
- SSDEEP
  
  3072:yjBOz1zXhC+dLsgTezgfi7Dwb5WP2yPrUXYDAUpAYqV2yIHDtcb16WNObVr:NcavI6iW5iTrUIDAYAYwijtcbMj
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersprgbackdoortrojan