smokeloader

General

Target

file
Size

242KB
Sample

231011-ntqy2acf3s
MD5

2a26158906c00b20907085703909a035
SHA1

1a980cf2eadcc90834263cfe2766cc464f6572bb
SHA256

4a157f54e3aae591837b2d7284a4deb8a4976a70a3859512c15c8a48310348d3
SHA512

bce610ce973dff4bfeaaacd1e886f606cafec6afdb323bd97444bcbf1633cf0ff7696a3ce04479342e0985b0eeb196c815d2e61aa6d1bb5d3cea09829d6fc9f8
SSDEEP

3072:IW1+mxIFpVHt+hXDk/Owb6zCbRq8eC9HMnHEs5ct6/TrKP:I2GjVglIb6zCdq8eznHyQTY

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://potunulit.org/

http://hutnilior.net/

http://bulimu55t.net/

http://soryytlic4.net/

http://novanosa5org.org/

http://nuljjjnuli.org/

http://tolilolihul.net/

http://somatoka51hub.net/

http://hujukui3.net/

http://bukubuka1.net/

http://golilopaster.org/

http://newzelannd66.org/

http://otriluyttn.org/

rc4.i32

Targets

- Target
  
  file
- Size
  
  242KB
- MD5
  
  2a26158906c00b20907085703909a035
- SHA1
  
  1a980cf2eadcc90834263cfe2766cc464f6572bb
- SHA256
  
  4a157f54e3aae591837b2d7284a4deb8a4976a70a3859512c15c8a48310348d3
- SHA512
  
  bce610ce973dff4bfeaaacd1e886f606cafec6afdb323bd97444bcbf1633cf0ff7696a3ce04479342e0985b0eeb196c815d2e61aa6d1bb5d3cea09829d6fc9f8
- SSDEEP
  
  3072:IW1+mxIFpVHt+hXDk/Owb6zCbRq8eC9HMnHEs5ct6/TrKP:I2GjVglIb6zCdq8eznHyQTY
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Deletes itself

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2