smokeloader | 0a8ba964357c30bbd901e608fb6b546f986bc970df9adf1793aa6d28bd120aa9 | Triage

Sharing

General

Target

55983db3c5135138588e13c0265322f14d585f2e
Size

128KB
Sample

241108-xry2asxfke
MD5

1faacd119c2bdb6b5ffc2b758ababad6
SHA1

55983db3c5135138588e13c0265322f14d585f2e
SHA256

0a8ba964357c30bbd901e608fb6b546f986bc970df9adf1793aa6d28bd120aa9
SHA512

babd910cd393a2ceebc45a4c512feffb8677d70432a2739861593a60d13948d229df65e6b0f2a34be082bc5dc6e10955ba91c0f2d1cb92623ca903ff6d4d474d
SSDEEP

3072:djP5YqyKxBzO0UUDiQVO1R7wIWKFmPQhRCYASAX1:bYBKLONcR07sKwBRZ1

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  b52004b95a999d0237fa1699a317917752fbb7905a197b4f1689e0db76cbede6
- Size
  
  188KB
- MD5
  
  ec9bd2b4a739e85245951835ed80e2d9
- SHA1
  
  0ebcc934abc3b5b739fbdd9268f06d82dfac1699
- SHA256
  
  b52004b95a999d0237fa1699a317917752fbb7905a197b4f1689e0db76cbede6
- SHA512
  
  643f51d1fc408859880198a069314e2118370866e3577bd6e86b6b6cca65a81d95c74bf8669e73fbaaf9b9969d7d18e6b346a84022e79d601c0be39aee60649d
- SSDEEP
  
  3072:YlXNH1tYM3LKfCOqKfRP2C5litzSKFmPQhRCY0Zd7KOQ:YhDLKfCOqLCatzSKwBjl
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan