smokeloader | 28a53c82bec5b73cba03375ba46ffba64c5db8131792281e84d392359b168c4c | Triage

Sharing

General

Target

2e1020a234f33a0e5e6baff01fc22388
Size

144KB
Sample

241108-vpf2laylbk
MD5

2e1020a234f33a0e5e6baff01fc22388
SHA1

451d3bf15f0c4e5b9a2d218273340dc89c835bc1
SHA256

28a53c82bec5b73cba03375ba46ffba64c5db8131792281e84d392359b168c4c
SHA512

1e9ce2a32317ba6243caab59a68bf747ee8cbf7401daa1cef636cdc976ba6ba8efaac701087a4fec093894b6a792e8e69c066cfe95ace5c6c92fdfd1417de3a4
SSDEEP

3072:1rp8yQdjakCH2W1qdpSJ5+g3QEj849mjy90zce1mHke6Mq567uW:r8yQdRwpqdIJCEj84fnke6MR7r

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  aba64847ee952293c84a41f0ec759a0a4fffe5905d3d895534ebfb28725650d9
- Size
  
  220KB
- MD5
  
  b4e3cdc7543af3bffa67f41012d1ee2f
- SHA1
  
  fab73ca770479a31b63c7cc50685a96d442a6f92
- SHA256
  
  aba64847ee952293c84a41f0ec759a0a4fffe5905d3d895534ebfb28725650d9
- SHA512
  
  61b14ac8868d403b8d549ef06addba6021cce183feda55ec56d26a7f2876603e1361d13436613176bb5d3ae1500e2c8daef72ee9099abebee10d18408898bfc5
- SSDEEP
  
  3072:RPnZ5dGEThw/kL+NwM6k5VrcCVH2WHJRU69/G1f3yhPcnONVQSE:RPZiMLZMVHbJRU69/sfCh0nyN
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan