smokeloader

General

Target

01541599.exe
Size

274KB
Sample

230530-jmrjrsge61
MD5

1f95b8c2dc09a84f6a9fe6f74dbf7d96
SHA1

35f2c55596e43c2887d70a172d452fc5ac36835d
SHA256

9892c10b94bbb90688cdc3dd6d51f3343b9cc19069fa4c1fe3594600a3d03330
SHA512

7d7bf42a7df0ec4dcf0f8ac891bee60871ddc45c9887d8b5022dcddc27fae7afdd2134370f1a5ac898c364c5d702e9fb84b496d7c8a253fefd96d65715ba563c
SSDEEP

3072:pD8qOVO6HzqC1fCwNQrRLwY8xzIbbTDnxG5JU1DAY2L0a5M6:F8qOVOjtwNQrRLwY8x8bbTD0Oa5

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://polinamailserverip.ru/

http://lamazone.site/

http://criticalosl.tech/

http://maximprofile.net/

http://zaliphone.com/

http://humanitarydp.ug/

http://zaikaopentra.com.ug/

http://zaikaopentra-com-ug.online/

http://infomalilopera.ru/

http://jskgdhjkdfhjdkjhd844.ru/

http://jkghdj2993jdjjdjd.ru/

http://kjhgdj99fuller.ru/

http://azartnyjboy.com/

http://zalamafiapopcultur.eu/

http://hopentools.site/

http://kismamabeforyougo.com/

http://kissmafiabeforyoudied.eu/

http://gondurasonline.ug/

http://nabufixservice.name/

http://filterfullproperty.ru/

rc4.i32

Targets

- Target
  
  01541599.exe
- Size
  
  274KB
- MD5
  
  1f95b8c2dc09a84f6a9fe6f74dbf7d96
- SHA1
  
  35f2c55596e43c2887d70a172d452fc5ac36835d
- SHA256
  
  9892c10b94bbb90688cdc3dd6d51f3343b9cc19069fa4c1fe3594600a3d03330
- SHA512
  
  7d7bf42a7df0ec4dcf0f8ac891bee60871ddc45c9887d8b5022dcddc27fae7afdd2134370f1a5ac898c364c5d702e9fb84b496d7c8a253fefd96d65715ba563c
- SSDEEP
  
  3072:pD8qOVO6HzqC1fCwNQrRLwY8xzIbbTDnxG5JU1DAY2L0a5M6:F8qOVOjtwNQrRLwY8x8bbTD0Oa5
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2