Overview

overview

10

Static

static

3

traf.exe

windows7-x64

10

traf.exe

windows10-2004-x64

10

traf.exe

windows10-ltsc 2021-x64

10

traf.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    traf.exe

  • Size

    13KB

  • Sample

    250123-bzcmdawqcq

  • MD5

    77947379b9e26603db5a24e63d9e68fc

  • SHA1

    7f4f613ab87573b7d69b66b0fedb01db65878961

  • SHA256

    4d2bed7b84733fd0b18cdc6c01aa7518d62981d4d0e633c00caa648d0e188937

  • SHA512

    50601dd57160732f1d3e4f6b27a77e5bf4d06ce51e5d35454550c3c9b45662e28a2ada3f6f60541c622131f28c84e7c6cabf2adf1e29d0294b058536d1a0953a

  • SSDEEP

    192:vBAlEMZWAY5nCtCY61l40CMvPSohzWLz5xWfgOQ/muu/d5THm4Ot0O:JAnLAXNy/m3/bTK0O

Score
10/10
smokeloaderbackdoordiscoverytrojan

Malware Config

Extracted

Family

smokeloader

Version

2017

C2

http://dogewareservice.ru/

Targets

    • Target

      traf.exe

    • Size

      13KB

    • MD5

      77947379b9e26603db5a24e63d9e68fc

    • SHA1

      7f4f613ab87573b7d69b66b0fedb01db65878961

    • SHA256

      4d2bed7b84733fd0b18cdc6c01aa7518d62981d4d0e633c00caa648d0e188937

    • SHA512

      50601dd57160732f1d3e4f6b27a77e5bf4d06ce51e5d35454550c3c9b45662e28a2ada3f6f60541c622131f28c84e7c6cabf2adf1e29d0294b058536d1a0953a

    • SSDEEP

      192:vBAlEMZWAY5nCtCY61l40CMvPSohzWLz5xWfgOQ/muu/d5THm4Ot0O:JAnLAXNy/m3/bTK0O

    Score
    10/10
    smokeloaderbackdoordiscoverytrojan

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Smokeloader family

      smokeloader

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks