smokeloader | bd0e8286d947d1b864dde9370a5ca8aa158c008aa8e957f08ab3a8d5ce177f97 | Triage

Sharing

General

Target

bd0e8286d947d1b864dde9370a5ca8aa158c008aa8e957f08ab3a8d5ce177f97
Size

144KB
Sample

241108-dg962awngr
MD5

1773b0b0dde7fa9eb594fdfa56b949e1
SHA1

7cee55a87557321fa21b56eb450c8f3d5a50b18b
SHA256

bd0e8286d947d1b864dde9370a5ca8aa158c008aa8e957f08ab3a8d5ce177f97
SHA512

7ec45eb92bbeb6d71ebfeb4691d723f4d3f02bda07668939232341e02d58b811c63488dd9ff565b42fa841b06f42d6c36005b4caabcbbe0b72e0d11b3a2505f7
SSDEEP

3072:4JG+hfz8XRNn0EiloNIjCBa4AzSMHZoMZnQJVRRsXi3n1x:Rgfz8ROEit0MZHQn

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  39997de78fcb3d9248938880919c435e00587b1003de7a85aaa88045594bfe0e
- Size
  
  220KB
- MD5
  
  17be0d0a5913e66c730abe5adb4813b0
- SHA1
  
  ed8b16e29c9e8bd086186311de0a4639bb530f23
- SHA256
  
  39997de78fcb3d9248938880919c435e00587b1003de7a85aaa88045594bfe0e
- SHA512
  
  78119297c05e409b2781d1f26d30ac8f876f0a28ca9156bb1850687fc43bfe4579d5a9953fd86900a7eb490e86de719046835fe097a34572bfc7aa0b41f7d662
- SSDEEP
  
  3072:PaYh5dYYTwJAhNLFSw2K6kk5WpQO9Pkq/R13y/VJ6KkrDAEB6R:PaY0FiLv2KB2ydR12Cr76
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan