smokeloader

General

Target

370470933fa395f9e3fb8b2de0364ce918e370a3dbe1d05ebb000a3d31907af4
Size

152KB
Sample

240417-qz2c3aaa95
MD5

b67cd52112407afdb177bb6414982ab8
SHA1

2c3071293bd41c001509d36fe9e77d71db4cb274
SHA256

370470933fa395f9e3fb8b2de0364ce918e370a3dbe1d05ebb000a3d31907af4
SHA512

c776a0ac43a0b49aecaa5ef2ee3c173dc2e6824b40c2a4d70318808ea00d52d5bf321f261c33f9f0a1b45378608cb0c0c659e2575e50806f9e249e3b41653546
SSDEEP

3072:RruLVb1ynPR8Jf8LAWkwD1v2Yt4mL9Kivf1TL0cIdlNis/CK/p:FIVE8mLAWx1ukL9KKf1TgcEris/CM

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://sjyey.com/tmp/index.php

http://babonwo.ru/tmp/index.php

http://mth.com.ua/tmp/index.php

http://piratia.pw/tmp/index.php

http://go-piratia.ru/tmp/index.php

rc4.i32

Targets

- Target
  
  f856e03efe9736f82094b6fe22d52bea2e93cf753ba411a1a7bff7748d355f50.exe
- Size
  
  241KB
- MD5
  
  b1f9eb2bbac45b63c4d955946e52b9ad
- SHA1
  
  c09501f8c111548ec54403f146ca766d800c7339
- SHA256
  
  f856e03efe9736f82094b6fe22d52bea2e93cf753ba411a1a7bff7748d355f50
- SHA512
  
  f1e3439e2b74a6173d531dc6e6ddfcae42e1ff52f5d67e06b4cd9a6c0e3c9288026b8539571f953a3870f421bfe8fb93f53a1719cecb19c7b2664687fe3ad0f3
- SSDEEP
  
  3072:gCmf2F5pvxIAS5SUr9iaJGF4xMLBuaJszYjflIG5jyWGhW5tdP/Hhdl:gjfqv2AyIaJGyxu2sfL5jXd
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

Peripheral Device Discovery

1

T1120

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Deletes itself

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2