smokeloader

General

Target

99d155faa453ff68bc3a207e44e12048.exe
Size

321KB
Sample

230509-t7nzgseg91
MD5

99d155faa453ff68bc3a207e44e12048
SHA1

6269686b6db601791cff4d4f76061b239bbdc303
SHA256

70867d16ba96af0ff04aafa9a6c724942a0345bcd2c98c2003f0810eb92b11db
SHA512

1b585813ec2616a6d820c4ddad839604eacb11cd578f3152b664fdd43855044cab4ed81de35f52903d1aef5b1ff412e1d1a16a07c27dfc6cef173029e2d82155
SSDEEP

3072:YpX8VPhw8Lijy7w9dy1IpEFpUr1hYHPCkGw+BMsYqTYO6HdNhd54i1lGo3Z9NCiT:g8VPhZLij4wDQvp2KvCnMsYqffi393G

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

- Target
  
  99d155faa453ff68bc3a207e44e12048.exe
- Size
  
  321KB
- MD5
  
  99d155faa453ff68bc3a207e44e12048
- SHA1
  
  6269686b6db601791cff4d4f76061b239bbdc303
- SHA256
  
  70867d16ba96af0ff04aafa9a6c724942a0345bcd2c98c2003f0810eb92b11db
- SHA512
  
  1b585813ec2616a6d820c4ddad839604eacb11cd578f3152b664fdd43855044cab4ed81de35f52903d1aef5b1ff412e1d1a16a07c27dfc6cef173029e2d82155
- SSDEEP
  
  3072:YpX8VPhw8Lijy7w9dy1IpEFpUr1hYHPCkGw+BMsYqTYO6HdNhd54i1lGo3Z9NCiT:g8VPhZLij4wDQvp2KvCnMsYqffi393G
Score

10^/10

smokeloader sprg backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2