smokeloader

General

Target

file
Size

293KB
Sample

231012-gtbe1sbd5w
MD5

a1aa8147375aa92330e85b32e230d011
SHA1

2fe504bee079a34810af5f52119f2047d01ea201
SHA256

a75a17d5d6e67b7176950ecf69d2b96aebd7a01b3ce353e3ce075af056b583d1
SHA512

90710b49dc0e371df9191d5f14cbc5aac00a5a3cc47d2b1d755d8cd44e5a9c401b613ad7cfb0787dcba3c260a7e46f864576409809e5202fc298b4be95994509
SSDEEP

6144:oioBS0SxFUbzgmO5hx82LQ7oTzghjg8Z:oioArxnxTdHwk8

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://potunulit.org/

http://hutnilior.net/

http://bulimu55t.net/

http://soryytlic4.net/

http://novanosa5org.org/

http://nuljjjnuli.org/

http://tolilolihul.net/

http://somatoka51hub.net/

http://hujukui3.net/

http://bukubuka1.net/

http://golilopaster.org/

http://newzelannd66.org/

http://otriluyttn.org/

rc4.i32

Targets

- Target
  
  file
- Size
  
  293KB
- MD5
  
  a1aa8147375aa92330e85b32e230d011
- SHA1
  
  2fe504bee079a34810af5f52119f2047d01ea201
- SHA256
  
  a75a17d5d6e67b7176950ecf69d2b96aebd7a01b3ce353e3ce075af056b583d1
- SHA512
  
  90710b49dc0e371df9191d5f14cbc5aac00a5a3cc47d2b1d755d8cd44e5a9c401b613ad7cfb0787dcba3c260a7e46f864576409809e5202fc298b4be95994509
- SSDEEP
  
  6144:oioBS0SxFUbzgmO5hx82LQ7oTzghjg8Z:oioArxnxTdHwk8
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Deletes itself

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2