smokeloader | 92c3b23368a36a0a2c21c75f801993e050637e04c7b4fb5254eca2ece3a3552e | Triage

Sharing

General

Target

92c3b23368a36a0a2c21c75f801993e050637e04c7b4fb5254eca2ece3a3552e.exe
Size

37KB
Sample

231231-qpl6dsdgh9
MD5

c987a27d6039ac5216ceed0d8eee2f47
SHA1

d433d0ad4bb55cc85bfb7aeafc9e587ddd0e01d6
SHA256

92c3b23368a36a0a2c21c75f801993e050637e04c7b4fb5254eca2ece3a3552e
SHA512

1c5ec99531885b09c8c37d58f658bd081afd47d854047af6b8f6e98a0927fa6c95c747fe82815c951317b874dd8d24d17e2810962016dabba3b0be3e373d9b03
SSDEEP

768:3E45SLnQpEhOB/hAGflc5xOXhr7gvexzv36:3E4EqEhOPNfqStgvexzv3

Score

10^/10

smokeloader backdoor trojan

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://185.215.113.68/fks/index.php

rc4.i32

rc4.i32

Targets

- Target
  
  92c3b23368a36a0a2c21c75f801993e050637e04c7b4fb5254eca2ece3a3552e.exe
- Size
  
  37KB
- MD5
  
  c987a27d6039ac5216ceed0d8eee2f47
- SHA1
  
  d433d0ad4bb55cc85bfb7aeafc9e587ddd0e01d6
- SHA256
  
  92c3b23368a36a0a2c21c75f801993e050637e04c7b4fb5254eca2ece3a3552e
- SHA512
  
  1c5ec99531885b09c8c37d58f658bd081afd47d854047af6b8f6e98a0927fa6c95c747fe82815c951317b874dd8d24d17e2810962016dabba3b0be3e373d9b03
- SSDEEP
  
  768:3E45SLnQpEhOB/hAGflc5xOXhr7gvexzv36:3E4EqEhOPNfqStgvexzv3
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan