smokeloader | 0ee0b221a66364634a9a17f545a5c969add6e4ea5489dad665f3376c9712f9b8 | Triage

Sharing

General

Target

94e02786e55686b320a864d8e653f9f6a6778f95
Size

188KB
Sample

241105-rm6mpaseme
MD5

356f0831694fb49e590da55f15f78c4a
SHA1

94e02786e55686b320a864d8e653f9f6a6778f95
SHA256

0ee0b221a66364634a9a17f545a5c969add6e4ea5489dad665f3376c9712f9b8
SHA512

21a815fe0b01fe6b0b53ca0889eb961e5a6497c870ccc849f1e6ceb63b699f709896f230f08756861c8cde1cc746d6a79a5c15ce9dfb3462d94c35e08a929f40
SSDEEP

3072:TkXFAflwTuLMovgkA7RbcuwBmOhBxuRMXlwntdn3+VHsvnc:MFUpLMovgk9bmOu+in73+VHsvc

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  94e02786e55686b320a864d8e653f9f6a6778f95
- Size
  
  188KB
- MD5
  
  356f0831694fb49e590da55f15f78c4a
- SHA1
  
  94e02786e55686b320a864d8e653f9f6a6778f95
- SHA256
  
  0ee0b221a66364634a9a17f545a5c969add6e4ea5489dad665f3376c9712f9b8
- SHA512
  
  21a815fe0b01fe6b0b53ca0889eb961e5a6497c870ccc849f1e6ceb63b699f709896f230f08756861c8cde1cc746d6a79a5c15ce9dfb3462d94c35e08a929f40
- SSDEEP
  
  3072:TkXFAflwTuLMovgkA7RbcuwBmOhBxuRMXlwntdn3+VHsvnc:MFUpLMovgk9bmOu+in73+VHsvc
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan