smokeloader | bd0b889d6a2cf49563559f8497b62429da2872fe90cf2addaa21d507c3386945 | Triage

Sharing

General

Target

bd0b889d6a2cf49563559f8497b62429da2872fe90cf2addaa21d507c3386945
Size

330KB
Sample

241108-s6pc7axmbr
MD5

48fc52e800e5739751405d0ca5dd71ac
SHA1

f9191942857daba06472864fe2d77a676c9e026d
SHA256

bd0b889d6a2cf49563559f8497b62429da2872fe90cf2addaa21d507c3386945
SHA512

13a8bdf8c2ff0a38b5f8bab229bdf7a81a132143aea460a346981cf4aac44fd846692f3b823b18fe91549f033a4f8f705a74ad0ddb873d8af722cccb7e75af82
SSDEEP

6144:uL/tlc/yVciU01WxCZCcUnJSrhVVPE+O1voXc/:ubA2LW0ZCLJ+DO

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  bd0b889d6a2cf49563559f8497b62429da2872fe90cf2addaa21d507c3386945
- Size
  
  330KB
- MD5
  
  48fc52e800e5739751405d0ca5dd71ac
- SHA1
  
  f9191942857daba06472864fe2d77a676c9e026d
- SHA256
  
  bd0b889d6a2cf49563559f8497b62429da2872fe90cf2addaa21d507c3386945
- SHA512
  
  13a8bdf8c2ff0a38b5f8bab229bdf7a81a132143aea460a346981cf4aac44fd846692f3b823b18fe91549f033a4f8f705a74ad0ddb873d8af722cccb7e75af82
- SSDEEP
  
  6144:uL/tlc/yVciU01WxCZCcUnJSrhVVPE+O1voXc/:ubA2LW0ZCLJ+DO
Score

10^/10

smokeloader oct backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoortrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan