smokeloader | 139e4d4a472bd379913ccf421d0af8d1e7b86733637c459aa71833d13c5476eb | Triage

Sharing

General

Target

139e4d4a472bd379913ccf421d0af8d1e7b86733637c459aa71833d13c5476eb
Size

333KB
Sample

241104-vhlnhatclf
MD5

51b996134b5bb2d2a5d2a144d8ddff72
SHA1

654f4a5d836f5f879fd1c40b3a25dbf7f4f2850a
SHA256

139e4d4a472bd379913ccf421d0af8d1e7b86733637c459aa71833d13c5476eb
SHA512

172283e0601013116d47729cd9a41f4a32e06f5489c170762d379cfb6f310ffc75093e0ef8ab46ee9a9061a6921fba2dfaafe563f123a514a1689b7fdd42666c
SSDEEP

6144:mj4MLCg8MI2XQm+qYD3k7W148zZ+hp0fBa1nugw:nMn3I25+ZD3kVXhp0fQ1jw

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  139e4d4a472bd379913ccf421d0af8d1e7b86733637c459aa71833d13c5476eb
- Size
  
  333KB
- MD5
  
  51b996134b5bb2d2a5d2a144d8ddff72
- SHA1
  
  654f4a5d836f5f879fd1c40b3a25dbf7f4f2850a
- SHA256
  
  139e4d4a472bd379913ccf421d0af8d1e7b86733637c459aa71833d13c5476eb
- SHA512
  
  172283e0601013116d47729cd9a41f4a32e06f5489c170762d379cfb6f310ffc75093e0ef8ab46ee9a9061a6921fba2dfaafe563f123a514a1689b7fdd42666c
- SSDEEP
  
  6144:mj4MLCg8MI2XQm+qYD3k7W148zZ+hp0fBa1nugw:nMn3I25+ZD3kVXhp0fQ1jw
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan