smokeloader | 3c439e3b55348ff06f1e1077a3323dad81d358a46c4c51d779f293d59b2f51c5 | Triage

Sharing

General

Target

3c439e3b55348ff06f1e1077a3323dad81d358a46c4c51d779f293d59b2f51c5
Size

297KB
Sample

230328-wv22pacd72
MD5

e1f127a5a5160b31a537a6597ac0c27f
SHA1

66f4c65f749d8e316bd7d4fe465af0196d305961
SHA256

3c439e3b55348ff06f1e1077a3323dad81d358a46c4c51d779f293d59b2f51c5
SHA512

c67ece98325ad70c0b9cb55a93824d123e99f5d4552daded41b22446d5b331fe9aa0ab2dc8b0f0fec8a3d5b7e6336b1c5ede335a38b5e76be9e733d85c13aaee
SSDEEP

3072:E8QhHEMl6vwuIUrSzBeuMdxT9pQXAN1VE1HdXFNhTQWvQfu:1Az6vwaSzkpJqHxk

Score

10^/10

smokeloader sprg backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

rc4.i32

Targets

- Target
  
  3c439e3b55348ff06f1e1077a3323dad81d358a46c4c51d779f293d59b2f51c5
- Size
  
  297KB
- MD5
  
  e1f127a5a5160b31a537a6597ac0c27f
- SHA1
  
  66f4c65f749d8e316bd7d4fe465af0196d305961
- SHA256
  
  3c439e3b55348ff06f1e1077a3323dad81d358a46c4c51d779f293d59b2f51c5
- SHA512
  
  c67ece98325ad70c0b9cb55a93824d123e99f5d4552daded41b22446d5b331fe9aa0ab2dc8b0f0fec8a3d5b7e6336b1c5ede335a38b5e76be9e733d85c13aaee
- SSDEEP
  
  3072:E8QhHEMl6vwuIUrSzBeuMdxT9pQXAN1VE1HdXFNhTQWvQfu:1Az6vwaSzkpJqHxk
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloadersprgbackdoortrojan