smokeloader | 056ae47eb36ac185cd11a4f320bbe717653a3f915a1ad47a1e488b43799e7f87 | Triage

Sharing

General

Target

056ae47eb36ac185cd11a4f320bbe717653a3f915a1ad47a1e488b43799e7f87
Size

336KB
Sample

241108-xv7slsxhpl
MD5

fb9db509a289692e5d251a1f96c027ac
SHA1

5a2468fc5b6a65dbd187e99a5cd5cf4e0f03cae2
SHA256

056ae47eb36ac185cd11a4f320bbe717653a3f915a1ad47a1e488b43799e7f87
SHA512

91a1d5ae61dedca4a0a3e3786980dd15333bb79cdadb729ffe4f80e762f978794719f0153a9e7426a8aacad8305b1f4a09942c966962b0b5f0686243f4849545
SSDEEP

3072:B+ylDjBs8JEH7SBKi+u/LBdFpzj6LxpjknFuq/YMmz+PlCmfG7lOmV25lFE1miUI:YIOSQMdbSLD+FuqnJCZhVV4E+O13oXc

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  056ae47eb36ac185cd11a4f320bbe717653a3f915a1ad47a1e488b43799e7f87
- Size
  
  336KB
- MD5
  
  fb9db509a289692e5d251a1f96c027ac
- SHA1
  
  5a2468fc5b6a65dbd187e99a5cd5cf4e0f03cae2
- SHA256
  
  056ae47eb36ac185cd11a4f320bbe717653a3f915a1ad47a1e488b43799e7f87
- SHA512
  
  91a1d5ae61dedca4a0a3e3786980dd15333bb79cdadb729ffe4f80e762f978794719f0153a9e7426a8aacad8305b1f4a09942c966962b0b5f0686243f4849545
- SSDEEP
  
  3072:B+ylDjBs8JEH7SBKi+u/LBdFpzj6LxpjknFuq/YMmz+PlCmfG7lOmV25lFE1miUI:YIOSQMdbSLD+FuqnJCZhVV4E+O13oXc
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan