smokeloader

General

Target

0bccaf21218e7e92ef03951cad131f50ec071085218d2f9235322c135170b24a
Size

232KB
Sample

240213-f3d2tsgd42
MD5

0c02c05fcdda1049ee809cad1b9b5020
SHA1

c84b90f2963b9fb136dfaea5993c2f6216c04e77
SHA256

0bccaf21218e7e92ef03951cad131f50ec071085218d2f9235322c135170b24a
SHA512

1eb1e27496786a42584e475c77bac18af8f60d544ff2baa0745c19fbbf1cd8eee659f7cb821649ce4231fcc31f4a786a5815011146f4ddbc0a54da6173650a69
SSDEEP

6144:j0OLOwXxS++Bfy9qXBRlPbH7JoLArNe5xwA:7SUxL+c9qXdp45x

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://trad-einmyus.com/index.php

http://tradein-myus.com/index.php

http://trade-inmyus.com/index.php

rc4.i32

Targets

- Target
  
  0bccaf21218e7e92ef03951cad131f50ec071085218d2f9235322c135170b24a
- Size
  
  232KB
- MD5
  
  0c02c05fcdda1049ee809cad1b9b5020
- SHA1
  
  c84b90f2963b9fb136dfaea5993c2f6216c04e77
- SHA256
  
  0bccaf21218e7e92ef03951cad131f50ec071085218d2f9235322c135170b24a
- SHA512
  
  1eb1e27496786a42584e475c77bac18af8f60d544ff2baa0745c19fbbf1cd8eee659f7cb821649ce4231fcc31f4a786a5815011146f4ddbc0a54da6173650a69
- SSDEEP
  
  6144:j0OLOwXxS++Bfy9qXBRlPbH7JoLArNe5xwA:7SUxL+c9qXdp45x
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

Peripheral Device Discovery

1

T1120

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Extracted

Targets

Deletes itself

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2