smokeloader

Sharing

Copy URL

Twitter E-mail

General

Target

1.exe
Size

210KB
Sample

240629-pkzegsxdpg
MD5

4e44bde7f6f84e7ce196f0e50c1e7f92
SHA1

eaeef05bdb27936123080a9f7d40f463676be208
SHA256

19cd5aee7659c7f0acede05ea290754cc649e72929f66b9c6903fa2c8da0d1cd
SHA512

06f9ca3d6c6a928a586f5b09c5cfe13c5348c45dbbb047da7fb60caf8a6b710ec3dfd5854b3e1a29b777cca2c573b261f7716edbc5d495b56542d014e4715b14
SSDEEP

3072:quWoMdlOhv3B1lvqWRSFbr4ZDvuWwvE4lXihNWoH2pA8:ydlO5nliH4oWwBiM

Score

10^/10

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

http://evilos.cc/tmp/index.php

http://gebeus.ru/tmp/index.php

http://office-techs.biz/tmp/index.php

http://cx5519.com/tmp/index.php

rc4.i32

Targets

- Target
  
  1.exe
- Size
  
  210KB
- MD5
  
  4e44bde7f6f84e7ce196f0e50c1e7f92
- SHA1
  
  eaeef05bdb27936123080a9f7d40f463676be208
- SHA256
  
  19cd5aee7659c7f0acede05ea290754cc649e72929f66b9c6903fa2c8da0d1cd
- SHA512
  
  06f9ca3d6c6a928a586f5b09c5cfe13c5348c45dbbb047da7fb60caf8a6b710ec3dfd5854b3e1a29b777cca2c573b261f7716edbc5d495b56542d014e4715b14
- SSDEEP
  
  3072:quWoMdlOhv3B1lvqWRSFbr4ZDvuWwvE4lXihNWoH2pA8:ydlO5nliH4oWwBiM
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Deletes itself

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4