smokeloader | 8699ab17256560a53619b93d1ec03a02324cdaae9d02201b6bedb3b8f89cb0f9 | Triage

Sharing

General

Target

8699ab17256560a53619b93d1ec03a02324cdaae9d02201b6bedb3b8f89cb0f9
Size

268KB
Sample

241108-cwt8pasmcs
MD5

fc127e8f7682564f06638b8451805435
SHA1

a7b3c9d045e81ca66188f04a0baa12909be8ca45
SHA256

8699ab17256560a53619b93d1ec03a02324cdaae9d02201b6bedb3b8f89cb0f9
SHA512

a975e08b3bc6e821cc6dad643af5365a6cb8632aa0ef4fda4cf64c7e4e851ff706147ff0372e4d1bec5d05b6422b580ecc320480223d63336d17948a6c686f47
SSDEEP

3072:3zXOyqNVxeUfX15G0ZglI7mxtkhVY8uxWJZtZmyHr636gtM/h31:bdq5PKlUmxMY8mWJZSO6qgt

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  8699ab17256560a53619b93d1ec03a02324cdaae9d02201b6bedb3b8f89cb0f9
- Size
  
  268KB
- MD5
  
  fc127e8f7682564f06638b8451805435
- SHA1
  
  a7b3c9d045e81ca66188f04a0baa12909be8ca45
- SHA256
  
  8699ab17256560a53619b93d1ec03a02324cdaae9d02201b6bedb3b8f89cb0f9
- SHA512
  
  a975e08b3bc6e821cc6dad643af5365a6cb8632aa0ef4fda4cf64c7e4e851ff706147ff0372e4d1bec5d05b6422b580ecc320480223d63336d17948a6c686f47
- SSDEEP
  
  3072:3zXOyqNVxeUfX15G0ZglI7mxtkhVY8uxWJZtZmyHr636gtM/h31:bdq5PKlUmxMY8mWJZSO6qgt
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan