smokeloader | f0c4e793957b0d1edd2408476e864fa88aac3253275a636524c69508c6ee4162 | Triage

Sharing

General

Target

f0c4e793957b0d1edd2408476e864fa88aac3253275a636524c69508c6ee4162
Size

185KB
Sample

241108-k7ftfazdnh
MD5

a5e6406eba902784501db05cbd2be89b
SHA1

1176ea0ecf2d9bebf5903c6a2856f916f3410484
SHA256

f0c4e793957b0d1edd2408476e864fa88aac3253275a636524c69508c6ee4162
SHA512

6c25db16ec83d1bca1dd3a1c8a2e7a33db9270031cfd97ad57d36a200b31e9c9f451f5d8a78b653eb4a9f22a28f7d8fc3f078d080e8630e5d2fc6c2c1285342a
SSDEEP

3072:Vln8NABxVWWNJcg5k5v81CNnH5B21bMX+hKKCUxPEuX/Xz:V9hffNUl8qUbMX+hKK5xPbP

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  f0c4e793957b0d1edd2408476e864fa88aac3253275a636524c69508c6ee4162
- Size
  
  185KB
- MD5
  
  a5e6406eba902784501db05cbd2be89b
- SHA1
  
  1176ea0ecf2d9bebf5903c6a2856f916f3410484
- SHA256
  
  f0c4e793957b0d1edd2408476e864fa88aac3253275a636524c69508c6ee4162
- SHA512
  
  6c25db16ec83d1bca1dd3a1c8a2e7a33db9270031cfd97ad57d36a200b31e9c9f451f5d8a78b653eb4a9f22a28f7d8fc3f078d080e8630e5d2fc6c2c1285342a
- SSDEEP
  
  3072:Vln8NABxVWWNJcg5k5v81CNnH5B21bMX+hKKCUxPEuX/Xz:V9hffNUl8qUbMX+hKK5xPbP
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan