smokeloader | c2293edc9b78e0491302928cc22e8090c24fffda6a346909fc294ba2cd5b750e | Triage

Sharing

General

Target

c2293edc9b78e0491302928cc22e8090c24fffda6a346909fc294ba2cd5b750e
Size

207KB
Sample

241109-jh25pstjhm
MD5

6822713e76b2bf09c7b84dcd2c3a6962
SHA1

de737f0ea0fb9a7ff92e302d7dfe93784ff697ec
SHA256

c2293edc9b78e0491302928cc22e8090c24fffda6a346909fc294ba2cd5b750e
SHA512

f0757ac167ae2825a8e59d6408dfbc0d644efdea68cc08a69c0e7750de20b3c53080a895edc0b7622b3460d000abc36b37135db83074c2352a4b819ef1f15f43
SSDEEP

6144:5EMrkc1KyHsWOyiYit++90Z+UY+4pOD6+Kwshog:5xHsdxYH+M+m44D6+Kwshog

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  99e0aa316be4068244b32eacf062d244b9830118cf3d51d1e4b3f27426860c31
- Size
  
  308KB
- MD5
  
  c4393c6d88954cd6324200e23dea8bd2
- SHA1
  
  20db80d76140cf09171e8f129f057a3a98e86c55
- SHA256
  
  99e0aa316be4068244b32eacf062d244b9830118cf3d51d1e4b3f27426860c31
- SHA512
  
  d7cc17ad0c8bfa8b48a8ecc57d8093ecf92f74c840e33032b5f7d2ffe450da5abcf9bb4b5ff158f41a44d218ebca72c9fa42f2c9a226b98aa018fcd3a22fdf24
- SSDEEP
  
  6144:vTYqLfjOll8VR8GOED7Od54/0yuTPe2KT/Ns3v0En2E1a:vTbLjOlwLL/O74yeJNs3v0Uv
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan