smokeloader | 3f93606e653ee2c2fb1664a4633367da575733d4aa0f50277008d87c72680311 | Triage

Sharing

General

Target

3f93606e653ee2c2fb1664a4633367da575733d4aa0f50277008d87c72680311
Size

137KB
Sample

241104-t4fhyashpg
MD5

ce1207ab2dc61ba4d03d57743f6329da
SHA1

d6d694632968a5cc29b4ce64538a9b6565e59006
SHA256

3f93606e653ee2c2fb1664a4633367da575733d4aa0f50277008d87c72680311
SHA512

5696bd8f4a88078741ec3a6ab89f831f752b494a01b12e7bd35e1e8c3c23695dcc01faa529807e96ef4e5f2c606008f99d4bf2f60ea91ec98ccaed198a15a1a8
SSDEEP

3072:RYOZyYM9saiidA6g5BftOTjlxWDYOTvUAMPcvKGXT/fjjjL1ssqZ:RbZbM9sXBlOTjlBEvUAAcNDDjH1n6

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  3b8409c6898fc6964b3fce9422d1cc2786a4cafe6ac25642d882ff5036fb7e1a
- Size
  
  211KB
- MD5
  
  d629e4ab96081d92b09dbb3bdae37e3e
- SHA1
  
  596a57341a04348eb052f68bb28a4b66870b22b8
- SHA256
  
  3b8409c6898fc6964b3fce9422d1cc2786a4cafe6ac25642d882ff5036fb7e1a
- SHA512
  
  180370818a7d3e1d8d0db7b6431f952fff61ca877829c8bd37801743f9a8a33b044111fb9f4d0c7f89beff2f0f25d22be8bd03d1f8958d50270f18a54061ea09
- SSDEEP
  
  3072:YX5wr1ud5/LX8Y7XdC15C+vsd50CQzP/TvUAMPcvKGsZhXSOwVK1GSP:sjP/LpXdCRvsY/DvUAAcNUX9wVK
Score

10^/10

smokeloader 2023 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoordiscoverytrojan

behavioral2

smokeloader2023backdoordiscoverytrojan