smokeloader | 60cd6f3b93a00334086dcd81d96069b7f71270855a39fd394c0e5c7323b9c360 | Triage

Sharing

General

Target

60cd6f3b93a00334086dcd81d96069b7f71270855a39fd394c0e5c7323b9c360
Size

303KB
Sample

241110-gmm58s1cnk
MD5

b951be13b546d66111dc5a4b9e640c8c
SHA1

ca3e6fa65a11fe2dc04fd106908d4962dfa652f0
SHA256

60cd6f3b93a00334086dcd81d96069b7f71270855a39fd394c0e5c7323b9c360
SHA512

ed0a3f57bb9ac7b68dadd37bc13091aef2200b4dde6ae61441bdd789c73bd41eb68ad6d2186d322cdd6959571432c334a81e0b2a294756196bd778ecaf43febd
SSDEEP

3072:+Y6xbN92uWZ4iRRV0C7OLVaH5BGBXhm5HLg3i6NwWtOMf22tThsNbNweGj+Qo6hO:xebNGFRAkH5BGBR9L322tThsIeGjY6

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  60cd6f3b93a00334086dcd81d96069b7f71270855a39fd394c0e5c7323b9c360
- Size
  
  303KB
- MD5
  
  b951be13b546d66111dc5a4b9e640c8c
- SHA1
  
  ca3e6fa65a11fe2dc04fd106908d4962dfa652f0
- SHA256
  
  60cd6f3b93a00334086dcd81d96069b7f71270855a39fd394c0e5c7323b9c360
- SHA512
  
  ed0a3f57bb9ac7b68dadd37bc13091aef2200b4dde6ae61441bdd789c73bd41eb68ad6d2186d322cdd6959571432c334a81e0b2a294756196bd778ecaf43febd
- SSDEEP
  
  3072:+Y6xbN92uWZ4iRRV0C7OLVaH5BGBXhm5HLg3i6NwWtOMf22tThsNbNweGj+Qo6hO:xebNGFRAkH5BGBR9L322tThsIeGjY6
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan