smokeloader | a5832cbbfc35fbd8eef90dd77d31e40c836802d6d33438ada0620e2ef98fbb7d | Triage

Sharing

General

Target

a5832cbbfc35fbd8eef90dd77d31e40c836802d6d33438ada0620e2ef98fbb7d
Size

155KB
Sample

241110-e7kjqsyrcs
MD5

df3b689cbeba7165e85d2172996c46e8
SHA1

25d9820d3341f7f91bfb42179fd0c1a42225cbe8
SHA256

a5832cbbfc35fbd8eef90dd77d31e40c836802d6d33438ada0620e2ef98fbb7d
SHA512

8a7ea417d7cf0c42951d371c539662a12d9ec73acc1abb3be3a908ff9dadd0a73c2979a5c2633ed5fae2aa88754df1177c8f324be3115d446168ef633f81c78a
SSDEEP

3072:lkKwH168BKErtV4SEvFxun1S/q2DYh0T6xLtbAEqWd/gDO:l4V6eD4hNlqvq6x2Ebd4K

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  a96f4401c42653c7f42e3db14543b4a4dccd9676b44eaf3cb1a011fd578c38a1
- Size
  
  232KB
- MD5
  
  9257463d2cae1849c5a4264752a5bf60
- SHA1
  
  dbd5c1f5da9389956550f5db565d417f93483284
- SHA256
  
  a96f4401c42653c7f42e3db14543b4a4dccd9676b44eaf3cb1a011fd578c38a1
- SHA512
  
  6b5442ca31f2a5beb2a9277c08e7799fd62ba3816e7cf877492b62b756a3fcc257715d2052c626e0472208010d60179ec3e2d6a4801d820995ad0122ceec2adb
- SSDEEP
  
  3072:ezXOsHzLp/cORqaOOlnmVdrr7Dts785mAPvnkjnvCGyXxE8:GdzL2ORqaOMoPDy7vefk2dE8
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan