smokeloader

General

Target

file
Size

310KB
Sample

231011-3b77xsbd8t
MD5

a6e293deb8a7f51a306f4129bd1e0468
SHA1

26587da8f2fba983e2cac67d4e2bc1a692eced25
SHA256

a9745e8b2c41acee769ec0e28c1d73adb4d664a93da8724ff187bcdcb2994e12
SHA512

ee44e03101b8c65571213eb9d8483d559b8a1f405e4d2e17ef3e99a00d8dbb08da33ae771a9a2ea97bdf96c46cabacec4d0cfc64c271bd0997fd0c316a036b9e
SSDEEP

6144:J7rslT/knvHRbSU3Cm+T+pPCbIG51HmPIL:dkTsvHNSUymhC04GP4

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://potunulit.org/

http://hutnilior.net/

http://bulimu55t.net/

http://soryytlic4.net/

http://novanosa5org.org/

http://nuljjjnuli.org/

http://tolilolihul.net/

http://somatoka51hub.net/

http://hujukui3.net/

http://bukubuka1.net/

http://golilopaster.org/

http://newzelannd66.org/

http://otriluyttn.org/

rc4.i32

Targets

- Target
  
  file
- Size
  
  310KB
- MD5
  
  a6e293deb8a7f51a306f4129bd1e0468
- SHA1
  
  26587da8f2fba983e2cac67d4e2bc1a692eced25
- SHA256
  
  a9745e8b2c41acee769ec0e28c1d73adb4d664a93da8724ff187bcdcb2994e12
- SHA512
  
  ee44e03101b8c65571213eb9d8483d559b8a1f405e4d2e17ef3e99a00d8dbb08da33ae771a9a2ea97bdf96c46cabacec4d0cfc64c271bd0997fd0c316a036b9e
- SSDEEP
  
  6144:J7rslT/knvHRbSU3Cm+T+pPCbIG51HmPIL:dkTsvHNSUymhC04GP4
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Deletes itself

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2