smokeloader | dd18bd70d8ffe4caf2ee06ec2d6192b761ff4c44c1c70140044ece91a1fff601 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ba18356c03fad5232fdae6efb217d2f.exe
Size

45KB
Sample

230819-bf3pfsfe22
MD5

1ba18356c03fad5232fdae6efb217d2f
SHA1

1269d8e565d8298ec27035011deb0dd9632d453a
SHA256

dd18bd70d8ffe4caf2ee06ec2d6192b761ff4c44c1c70140044ece91a1fff601
SHA512

a4633a4c49e77cb67616fbf38341455c4eec8d2f49748ccee95f5b9fa5f5555df672b1780e900f29172388d6022aa15cec9489cbed5946fa896b03f6cde75e0d
SSDEEP

384:K9VD6tee+qUOTd2opQTLAdz1SvNmhpdvOjT7PbA6HBiTSnjxZMdP05ldpRMaYIBI:k6Qe+qUv8zcqdvOXA6XkPslJvGaVW

Score

10^/10

smokeloader backdoor trojan

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://77.91.68.29/fks/

rc4.i32

rc4.i32

Targets

- Target
  
  1ba18356c03fad5232fdae6efb217d2f.exe
- Size
  
  45KB
- MD5
  
  1ba18356c03fad5232fdae6efb217d2f
- SHA1
  
  1269d8e565d8298ec27035011deb0dd9632d453a
- SHA256
  
  dd18bd70d8ffe4caf2ee06ec2d6192b761ff4c44c1c70140044ece91a1fff601
- SHA512
  
  a4633a4c49e77cb67616fbf38341455c4eec8d2f49748ccee95f5b9fa5f5555df672b1780e900f29172388d6022aa15cec9489cbed5946fa896b03f6cde75e0d
- SSDEEP
  
  384:K9VD6tee+qUOTd2opQTLAdz1SvNmhpdvOjT7PbA6HBiTSnjxZMdP05ldpRMaYIBI:k6Qe+qUv8zcqdvOXA6XkPslJvGaVW
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan