smokeloader | d4b306e4c28d00219a741f8354396015ae16c306cb23a0b4edbaf38b83d49880 | Triage

Sharing

General

Target

d4b306e4c28d00219a741f8354396015ae16c306cb23a0b4edbaf38b83d49880
Size

139KB
Sample

241106-p5mles1cqn
MD5

009c9cd98676d5e42c5fd82aa6feccc5
SHA1

dd07c3c52eeeacf8d417f276ad96fe3b1c948a41
SHA256

d4b306e4c28d00219a741f8354396015ae16c306cb23a0b4edbaf38b83d49880
SHA512

aa5a044c04be0ff530517f07a979cf78b02c4e5706d07623fa95b124d6ab0467e114fdf5f53c3fdb9ed296ed6d45e690c26ffdca3be655477bc77369dce47bd7
SSDEEP

3072:KszyILGLSR4CP6R/DVM/UHUU3UD/Nb9+XuwdoqhTq/0qUQ:KmEM4H/lUU3UD/Nb9++wm2I0o

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd
- Size
  
  231KB
- MD5
  
  ff58b2c40941c7066739fe425f01d928
- SHA1
  
  ea2044c506fcea503f82fe1bc74c031db636aa59
- SHA256
  
  e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd
- SHA512
  
  e42721c6062dc72d5f6141a4bc21140e571259b97443a306debdaea72864d452c8b04429d66743db6915af57ce2ddcff352fe4962fe0eb2ef9b109237502d6a7
- SSDEEP
  
  3072:c5d+LO82n5TfpgX4h2XVCkFLq5c6Ka8tJ/OkZFw7RkxmJZs:cWLp2BOFCkFu57iJ/OkrGymI
Score

10^/10

smokeloader 2023 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoortrojan

behavioral2

smokeloader2023backdoordiscoverytrojan