smokeloader

General

Target

setup.exe
Size

273KB
Sample

230326-bkjr5sha3s
MD5

15247b34ea738f74c3a4e8e23d67a639
SHA1

65b0a8439615fddb1c62166c2a5b3b965f94ea97
SHA256

ecfe9651f2848c5fdebfedc91e998b1cb2c3a546b3f80dd5507b6b00acee1869
SHA512

8e60616cb9b676dff4d1255fdc17da2da5c68990ea79d0a4dce7e900b25383ca2f8631194391b23174979efb13429bd82617a7bd2d0f47120a34aaf1a7b6125a
SSDEEP

3072:C/06DPTRE43XAqvWv89KXWmrhEoPmLfFHk8R5TPotA5iHi9CJQN0fm2Rh:lkE4nh9KXHYfF95cteiCsTfz

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  setup.exe
- Size
  
  273KB
- MD5
  
  15247b34ea738f74c3a4e8e23d67a639
- SHA1
  
  65b0a8439615fddb1c62166c2a5b3b965f94ea97
- SHA256
  
  ecfe9651f2848c5fdebfedc91e998b1cb2c3a546b3f80dd5507b6b00acee1869
- SHA512
  
  8e60616cb9b676dff4d1255fdc17da2da5c68990ea79d0a4dce7e900b25383ca2f8631194391b23174979efb13429bd82617a7bd2d0f47120a34aaf1a7b6125a
- SSDEEP
  
  3072:C/06DPTRE43XAqvWv89KXWmrhEoPmLfFHk8R5TPotA5iHi9CJQN0fm2Rh:lkE4nh9KXHYfF95cteiCsTfz
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2