smokeloader | 3fcb4e832ab53c5fcad104560ae13ccf19d21fd1239c7dc44da0ca9dcdfbd3d4 | Triage

Sharing

General

Target

f1600e5839d2068545f0f86c8c78463c
Size

165KB
Sample

241107-e7fksaxrcp
MD5

f1600e5839d2068545f0f86c8c78463c
SHA1

40f29ea1e9d40ea0d9a21a0d22ada15141d650dc
SHA256

3fcb4e832ab53c5fcad104560ae13ccf19d21fd1239c7dc44da0ca9dcdfbd3d4
SHA512

955db47c648169c4d2dbc5904a0ec85066f346df24b71e510770d18ed5341fce708f15f2df5aa5f607020fd61ebaae4b174e95c0e37f9349ebf951d180bebce0
SSDEEP

3072:KVpKQiGp8GCKWEgropNVl19kT1gOo7DpaCXTE+OlYKXJzSSdk:KVpGGCjE+opNVl1IOUwT6vX1dk

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  ed57896c997e7bcfce0a5cd13d1107ee3ea4e1b2f8eb8183eaa7de85b7c70d06.exe
- Size
  
  259KB
- MD5
  
  ae1d34fef8efe214c82222ebbe69651b
- SHA1
  
  6cde32b7080c7f655fe66c5b5fb178ccfd985225
- SHA256
  
  ed57896c997e7bcfce0a5cd13d1107ee3ea4e1b2f8eb8183eaa7de85b7c70d06
- SHA512
  
  b0f7705e62cc1d2c97d51148e4d815e7eba4b97d3eb4e71b6d79d939175895ac6d45fe7ab8a19d13273338ce4e9680209cb5a027703e0fea438d54df5fbfb7e4
- SSDEEP
  
  3072:HXOTHLaL+gAx3TSG1mj5VI9HdXDyWRto0x4+ablErtV7d5PmLDedNaFGM/h3m:3YHOL+fTt1SIBdX/oi+irtV7d4ON4G
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan