smokeloader | b8a5f19f292cf2f6a2ef5fe87887cbeb85fdf076a78f609ddfaa3645e0d718db | Triage

Sharing

General

Target

38c107dace680f31a279718d64f1e8e4113e3db9
Size

146KB
Sample

241110-xtltrawnak
MD5

5358f34e5e10671237fac83d84334f3a
SHA1

38c107dace680f31a279718d64f1e8e4113e3db9
SHA256

b8a5f19f292cf2f6a2ef5fe87887cbeb85fdf076a78f609ddfaa3645e0d718db
SHA512

569b2b726019ced8c7ba989554527f5a4b237d01085b5100a3e642a276c62897f25f4a8690bfd630fac56013913b42b97539e6802a5261302a77a26cfeb8f120
SSDEEP

3072:ovgza7vf0fpXlOUGS6+mmbr7yqEgV9WsbZ+mJP4uUu/K1nL+:o4kWVC+mITHV9WsxJCu/kL+

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  6e97d9c785e06a908dd538dee31c9ccb74a5b440eb62c78a0a62a6a9f87694ff
- Size
  
  286KB
- MD5
  
  05934d16d80c5de12d3f393c235cc2b6
- SHA1
  
  c5119c1acc02d4dfc8f768da8cc0a3815c14aabf
- SHA256
  
  6e97d9c785e06a908dd538dee31c9ccb74a5b440eb62c78a0a62a6a9f87694ff
- SHA512
  
  1946a11050daadd4bec35c44dad8f9e75528268c5da3f5ee51be18322b2c8bb1632ddbde02e5913c0f16080755b30e32fa7997bcb30243f66baf89a2f60c7f91
- SSDEEP
  
  3072:FO9rWWjzeH45h45EIG+0QTbXDAXgV9WsbZ+mdNMvjMZuamORtG4E:FjWj1jJFWBV9WsxdmjMNmODG
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan