smokeloader

Sharing

Copy URL

Twitter E-mail

General

Target

19ca88faee3769b393e39b0b53f7ffd1_JaffaCakes118
Size

592KB
Sample

240628-mjhn8sxcqr
MD5

19ca88faee3769b393e39b0b53f7ffd1
SHA1

3e62d03b64aed59dfc73896a9889c0217a7fad33
SHA256

e05c7fcc42723f4fac59df160aea217fbad7aeab5c0caeb9915bd3c54e38fc6a
SHA512

7d43a8d728d8b948fbf81a4cc6c06b3b12142e853f467bf1c6426e24d0752b97759de26450eb031c8d40157aef5be8bb69264e36937a1b661c0b87c71395e040
SSDEEP

6144:txlfxurXPrbF8v3RYQWZI+FxOXoH+pPD2onA9+CEJPxJH1c/J9BquozilfJXnIZ6:xxuznF8vBxyxOBtlAM9JPbVmHoKivBq

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

ku11

Extracted

Family

smokeloader

Version

2020

https://olobus.casa/feedback.php

https://trusho.online/feedback.php

rc4.i32

Targets

- Target
  
  19ca88faee3769b393e39b0b53f7ffd1_JaffaCakes118
- Size
  
  592KB
- MD5
  
  19ca88faee3769b393e39b0b53f7ffd1
- SHA1
  
  3e62d03b64aed59dfc73896a9889c0217a7fad33
- SHA256
  
  e05c7fcc42723f4fac59df160aea217fbad7aeab5c0caeb9915bd3c54e38fc6a
- SHA512
  
  7d43a8d728d8b948fbf81a4cc6c06b3b12142e853f467bf1c6426e24d0752b97759de26450eb031c8d40157aef5be8bb69264e36937a1b661c0b87c71395e040
- SSDEEP
  
  6144:txlfxurXPrbF8v3RYQWZI+FxOXoH+pPD2onA9+CEJPxJH1c/J9BquozilfJXnIZ6:xxuznF8vBxyxOBtlAM9JPbVmHoKivBq
Score

10^/10

smokeloader ku11 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2