smokeloader | ea47678ab51ce9be2dcff613ef719577e61e70d90ace3765f1f37f607498d163 | Triage

Sharing

General

Target

ea47678ab51ce9be2dcff613ef719577e61e70d90ace3765f1f37f607498d163
Size

126KB
Sample

241110-ynnltsxkam
MD5

8aaff72e59d3f0129d2d714544ccbb82
SHA1

ab2f96ce03227f275b13598dfa25770fbf90516e
SHA256

ea47678ab51ce9be2dcff613ef719577e61e70d90ace3765f1f37f607498d163
SHA512

d5717bee790e60aea73471de50b5062cb2be94731c3b4a3cfcf10e86f928225733fff5b20dea45e62423608f08bf8184fafb463e47aa15e786ae52d09d5761d9
SSDEEP

3072:4cFM0qAPNYDRxMhakp9f4+ASelAPsa30iAC7exGgF:4ibqA1YDGttYAUa30iACyGW

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  cf97c18ec20c079266cb88e42320bfee2df94f4f0d224181a48e835243fe12ec
- Size
  
  186KB
- MD5
  
  5069f44cd093801cf03bd898c9b48e96
- SHA1
  
  4ea17220deb555993077bf8db36304d178a14d60
- SHA256
  
  cf97c18ec20c079266cb88e42320bfee2df94f4f0d224181a48e835243fe12ec
- SHA512
  
  f272aa7fcca9032bfdb799109abac392514f18c4a79c14faa79f1c8a50ccd2016d82e490f4f6e1e2ff1185d364fc45a510349cd953af0820a93b6ee8193da453
- SSDEEP
  
  3072:2spCWmbe2lVWkrn5bVV0L8VelAPsa30iAC7e5wRP/nt:2sWL/H2AUa30iAC4wRnnt
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan