smokeloader | 109d7099f820f14586d6bb6b6cd1e1d48e300bb50089cf403f3034831734fc0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

109d7099f820f14586d6bb6b6cd1e1d48e300bb50089cf403f3034831734fc0d
Size

216KB
Sample

230425-zp3yksch28
MD5

a3ab7896c09e58020a04b257cf249125
SHA1

f100f75c273e4be5690e8c04e663a5f5660f7e87
SHA256

109d7099f820f14586d6bb6b6cd1e1d48e300bb50089cf403f3034831734fc0d
SHA512

9041f45a45ae409c888e81b4617c1d19f0db510f0789c355e2eae49e6464ee3e18a7bc4355924cd59ac1e22ec9ceeaed22e5d21f9237103db04e9bd054178594
SSDEEP

3072:vwoGtgDYPQElqMXq+6ocMq659vKVtvHtU9j1Frl5iQYZWEhO0O/wpv:eti+DC6L5t0M/rqQa

Score

10^/10

smokeloader sprg backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

rc4.i32

Targets

- Target
  
  109d7099f820f14586d6bb6b6cd1e1d48e300bb50089cf403f3034831734fc0d
- Size
  
  216KB
- MD5
  
  a3ab7896c09e58020a04b257cf249125
- SHA1
  
  f100f75c273e4be5690e8c04e663a5f5660f7e87
- SHA256
  
  109d7099f820f14586d6bb6b6cd1e1d48e300bb50089cf403f3034831734fc0d
- SHA512
  
  9041f45a45ae409c888e81b4617c1d19f0db510f0789c355e2eae49e6464ee3e18a7bc4355924cd59ac1e22ec9ceeaed22e5d21f9237103db04e9bd054178594
- SSDEEP
  
  3072:vwoGtgDYPQElqMXq+6ocMq659vKVtvHtU9j1Frl5iQYZWEhO0O/wpv:eti+DC6L5t0M/rqQa
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersprgbackdoortrojan