smokeloader | 2f7efae13906191bdbb2e387b2d1fbf601d443bccb9d2b84c2402fd77d64a611 | Triage

Sharing

General

Target

2f7efae13906191bdbb2e387b2d1fbf601d443bccb9d2b84c2402fd77d64a611
Size

126KB
Sample

241105-js6wmsxdpa
MD5

34ad25a0104d63f78973c336ff55a36d
SHA1

eae0ab7b60886369f2e88d30d6b4f3bfee0cf46f
SHA256

2f7efae13906191bdbb2e387b2d1fbf601d443bccb9d2b84c2402fd77d64a611
SHA512

74479a233ad95db6b6dbe38e282208da97f7039cac3c2d3c778b4616b0350b253d8238155351242fdd292e20380d23ba9fa0547662d6b1af17a2e1e2969dfc5f
SSDEEP

3072:Dcor8xwPmRsXRFgYwmhiQ+ghzW6NLI/khR/9buM:worH8shFpwIiQ+UzW6ZI/4aM

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  48b427f4d40f61209cb7be06c1d47c13ce73f6ce5887e37228c6f572ab2994c9
- Size
  
  186KB
- MD5
  
  b2850332aeb039fa7d26128c37071815
- SHA1
  
  6df0c8e9c8e6bf078b60ea6dbe869911a08c0646
- SHA256
  
  48b427f4d40f61209cb7be06c1d47c13ce73f6ce5887e37228c6f572ab2994c9
- SHA512
  
  13d32614e506c056c8093b45cfce3d1f9e8b40f82d9d771c7d589d16fc922d4d30d97511d26cf624837108c5b364c3e2f7092b76555845ed107b88c4fe12aa28
- SSDEEP
  
  3072:cIKy4vY2FjL8BgWH/Opk5F42vWBVXgpFoTW6NLI/khRLkeozGMw2AIhe:cPyaL8BgImriWXgpFoTW6ZI/CxoC6Ax
Score

10^/10

smokeloader 2023 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoordiscoverytrojan

behavioral2

smokeloader2023backdoordiscoverytrojan