smokeloader | 37cf690fa5fb83e819a97c64af020f95c375afe80377b18b2261e0e9aa1bd837 | Triage

Sharing

General

Target

C1C410655773F828F3241046A69DC03D.zip
Size

226KB
Sample

250113-xwxzsswnhp
MD5

30ad36447dc6d26f66c3506cf91dd623
SHA1

1582081aca251c5c9cca312109b1baf8dd74c2ea
SHA256

37cf690fa5fb83e819a97c64af020f95c375afe80377b18b2261e0e9aa1bd837
SHA512

d2627508c7ddd73902baba26f980b07f8bca05fc63ded8675a93e88134d5e9a37d0a3f56d78e0b323c69eb44e0a05f4590ebbffa2fe66a1ec1363f99c6532650
SSDEEP

6144:fwxVG4xEWxpsOgNDAxfM8ryN5ktaGqwDS4hHh:fwjG4xEWxDBoN2bPDPhB

Score

10^/10

smokeloader sel8 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

sel8

Targets

- Target
  
  C1C410655773F828F3241046A69DC03D
- Size
  
  385KB
- MD5
  
  c1c410655773f828f3241046a69dc03d
- SHA1
  
  b62db3073edeb499470a16308eb89141162404a4
- SHA256
  
  ab8adefae61ec96282b5a1dc32286ac98fbe96b9e41eaf7c4861d5c92abc9ba0
- SHA512
  
  0a4eb187ce61b8f20cda8374d27c314b7eabc790c46ef7b7004e40df6ea50b783c1db76cfaccda37ec1a14e12109a8671c967ad71f7fbc3b63f4f707e3ac585d
- SSDEEP
  
  6144:AYLJtS4esk1EserpDjb+GwD3G3A/WKnoWUB:AY9tJ7uJu3SBD3G3ux+
Score

10^/10

smokeloader sel8 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersel8backdoordiscoverytrojan