smokeloader | fbd7ee30cd1e9bbf7449844f40cf7488a0c14d8b08756933f3a4e20b1e168480 | Triage

Sharing

General

Target

fbd7ee30cd1e9bbf7449844f40cf7488a0c14d8b08756933f3a4e20b1e168480
Size

157KB
Sample

241109-c1yfxavhrn
MD5

d98f12ad7f957d16c8e59baa3aa1349c
SHA1

6af1ef27a302b4b4a239e3ee6aa1516711a8b83f
SHA256

fbd7ee30cd1e9bbf7449844f40cf7488a0c14d8b08756933f3a4e20b1e168480
SHA512

1df56033228a1c3196ffa0c9d56cfb4bc547061bdd733c18de70e514ca111ad5b663f39f5e498181adc1d58337641a535ac88a41589dac3adc661023b6216d19
SSDEEP

3072:7agX+bwNtCOnKOEaKWHKSob0/mNCQGX8m65Vpnxfh+R6b9AwKV:CcNtCWxNoY/mNCQGXxC5xfO0Awy

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  82b006ca48e7abf59cb59050eb286b8d7e14374637d11170a569a12a63de74f7
- Size
  
  286KB
- MD5
  
  37ce83ce94515aa5df8c065b7f31c024
- SHA1
  
  b849d8df833bdc5327ac6c719017a16123bde31d
- SHA256
  
  82b006ca48e7abf59cb59050eb286b8d7e14374637d11170a569a12a63de74f7
- SHA512
  
  74ffe6382a92ee589c4413ab27e8fd56d38d778d5bab3a00d01ccf5b836da53ca0246d4daa71369e7134116d17c4c0b9e3088933112ee044dad395fd14ccee8a
- SSDEEP
  
  6144:0UEv+LWruMK90d3Z1p1/mNCQGXx3fTNKM0rc:0UEWM20tZ1m4DxbAJc
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan