smokeloader

General

Target

setup.exe
Size

292KB
Sample

230329-b6eqbaga5y
MD5

93f6452e53b43ef5cde2e6274e890ce5
SHA1

41e59d5180024339c6d4ee0a3b71318267c8e731
SHA256

7b0e42332337a4ebc0ca512290481c9bd975defe798c9102c546d27e1e2a221d
SHA512

6efe96703ca882bc9aa92170f3f99d4113a585bb562a23b0924412756c76e97d15d821fad8f502ba77318e0df0f3be4653e1dc99d517ad19e511957015f00137
SSDEEP

3072:c2fJ2Um5gcvnIM5V312Iye6QCZzm/syHlqi+8P037PHVdThZNjkjRjT2WvQfo:a93vnz0e6Aqi+uYPHVdFT1

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  setup.exe
- Size
  
  292KB
- MD5
  
  93f6452e53b43ef5cde2e6274e890ce5
- SHA1
  
  41e59d5180024339c6d4ee0a3b71318267c8e731
- SHA256
  
  7b0e42332337a4ebc0ca512290481c9bd975defe798c9102c546d27e1e2a221d
- SHA512
  
  6efe96703ca882bc9aa92170f3f99d4113a585bb562a23b0924412756c76e97d15d821fad8f502ba77318e0df0f3be4653e1dc99d517ad19e511957015f00137
- SSDEEP
  
  3072:c2fJ2Um5gcvnIM5V312Iye6QCZzm/syHlqi+8P037PHVdThZNjkjRjT2WvQfo:a93vnz0e6Aqi+uYPHVdFT1
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2