smokeloader

General

Target

setup.exe
Size

246KB
Sample

230325-c5xp6sch41
MD5

31971487f54aa25815fcf5b448b29830
SHA1

3f260481194254fb978b6ac9d910ae43bb0d112f
SHA256

f6318ccf8d9a1882dbee3624343f7232350d1d48284a6aac81241ef8edda2a03
SHA512

13daf9d397c1dc54acc8a14a19015360717d8f991832a73d92e01a8bfd34edadf369772400f0dada20d502d80f5ad2584414760e26fbacd4bcbb53c8668d2692
SSDEEP

3072:av1uzBarc6edobcTShNXuDcyOqmgxSTleuDX+SJA0YhaAe1dudOiIVWNObVr:JotoarqmgxslDM04aAe1qOiIVj

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  setup.exe
- Size
  
  246KB
- MD5
  
  31971487f54aa25815fcf5b448b29830
- SHA1
  
  3f260481194254fb978b6ac9d910ae43bb0d112f
- SHA256
  
  f6318ccf8d9a1882dbee3624343f7232350d1d48284a6aac81241ef8edda2a03
- SHA512
  
  13daf9d397c1dc54acc8a14a19015360717d8f991832a73d92e01a8bfd34edadf369772400f0dada20d502d80f5ad2584414760e26fbacd4bcbb53c8668d2692
- SSDEEP
  
  3072:av1uzBarc6edobcTShNXuDcyOqmgxSTleuDX+SJA0YhaAe1dudOiIVWNObVr:JotoarqmgxslDM04aAe1qOiIVj
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2