smokeloader | 3b52fde3e105efc5c20b03fb9cf448283d40b88fdd05cbca69e08480d01a96f7 | Triage

Sharing

General

Target

3b52fde3e105efc5c20b03fb9cf448283d40b88fdd05cbca69e08480d01a96f7
Size

128KB
Sample

241111-bfbwqsyfpj
MD5

96372a118894e54a37bec086271e8bf3
SHA1

3cc6c8eed85280fc5d0322238aeca4acf9e4315e
SHA256

3b52fde3e105efc5c20b03fb9cf448283d40b88fdd05cbca69e08480d01a96f7
SHA512

d1f78876b1f0452fd02b92c64fce0ab29631cd1718ced992e40a3e2afc0942bde9119c6d9f99bb3510b79aa31fa5551f4f54d17f66ea2d1228da322d4a799400
SSDEEP

3072:ElufYGp/m1vsfM783Ovh6Ed2CP5F9LKgOIgP//6hg+d:kvsMrOy7Dkl+d

Score

10^/10

smokeloader oct backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

oct

Targets

- Target
  
  c7352ffc1a2dd826db19412ef007414c54f9e057828bbe0602a82ee68e6870c1
- Size
  
  188KB
- MD5
  
  c9e137c78399841859bbb149693d3885
- SHA1
  
  699f9f4e5deeb99f9eb3e343676e92baf1be9aeb
- SHA256
  
  c7352ffc1a2dd826db19412ef007414c54f9e057828bbe0602a82ee68e6870c1
- SHA512
  
  19ddfba0eb74950fd37e0fe57207fcd2e19bef82d94604019c1de0bbc77776007c58a0e278b61e0807a19fde7e0f0b54b3d5d133f6c7acdefea3b82089633676
- SSDEEP
  
  3072:edXBBskGWrUkL1CaKrkDMRVRWTS3JRIgP//6hgq89cOK5K:yBOXWIkLwaKrakYklqKT/
Score

10^/10

smokeloader oct backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderoctbackdoordiscoverytrojan

behavioral2

smokeloaderoctbackdoordiscoverytrojan