smokeloader | 1f3328d938351194eb59014d7bce5a4f655f6ed265b045d128fbffbe0dc81508 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a41bbace914d9256ca4a89d720d0952.bin
Size

27KB
Sample

230801-bxs7cacd38
MD5

082a4c16597b67c7dc08dd4e0a594c66
SHA1

2f0b87a8801795e752beca79f4539c71598116d3
SHA256

1f3328d938351194eb59014d7bce5a4f655f6ed265b045d128fbffbe0dc81508
SHA512

6ed211b9e048461763f6bc042ba2f1c7b4e238149797c0277370bffdc3af3438d90f4ff809f971ea5d67a1b118ac6b85f97e22c184f814e2028fabd7373868da
SSDEEP

384:8IWu1OAdtZg3+4GJhkcw0prDPcuhjDQpX3VFfFvlJ6V8dhWNRL0FoZFgtYZv5OyQ:RMAdPzVQg1DUuh/Ufp6V8d4r1ZF94DRh

Score

10^/10

smokeloader backdoor trojan

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://77.91.68.29/fks/

rc4.i32

rc4.i32

Targets

- Target
  
  1fe6ca4f2864852e7f2436b13b70092802cbe67fa06d118eccf34b1555825ac5.exe
- Size
  
  34KB
- MD5
  
  5a41bbace914d9256ca4a89d720d0952
- SHA1
  
  e62e4d660ec82b1090e41601edff4ebb6799f941
- SHA256
  
  1fe6ca4f2864852e7f2436b13b70092802cbe67fa06d118eccf34b1555825ac5
- SHA512
  
  0bd6cd26b6256598595f8f0efcdb1724d9532a621480b354a306ec6451b04923baecadfd8e623b0525f36eae72010de9a7e371a421bc7236dcf25771a0058371
- SSDEEP
  
  384:K9VD6tee+qUOTd2opQTLAdz1SvNmhpdvOjT7PbA6HBiTSnjxZMdP05ldpRMaYIBI:k6Qe+qUv8zcqdvOXA6XkPslJvGaVW
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan