smokeloader | 919e028e6404fd8b902500a8b28387b2d336fe80ab1a0b3ba9924468a4aee0e2 | Triage

Sharing

General

Target

919e028e6404fd8b902500a8b28387b2d336fe80ab1a0b3ba9924468a4aee0e2
Size

139KB
Sample

241107-j1r3fsydmg
MD5

682a4cc5de83b7c3d59c80745c1f2665
SHA1

0e4296be37d7bf96ff21503063ef0128326629a8
SHA256

919e028e6404fd8b902500a8b28387b2d336fe80ab1a0b3ba9924468a4aee0e2
SHA512

c0785451674919bea22d2e7514e113962ba3ddf8ae05af421a4833e3c4b0c95788607a3010a44f4bfb36b3aca6604141a6c71b801604bfacf6c4a88dc76252c6
SSDEEP

3072:WszyILGLSR4CP6R/DVM/UHUU3UD/Nb9+XuwdoqhTq/0qU4:WmEM4H/lUU3UD/Nb9++wm2I0Q

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd
- Size
  
  231KB
- MD5
  
  ff58b2c40941c7066739fe425f01d928
- SHA1
  
  ea2044c506fcea503f82fe1bc74c031db636aa59
- SHA256
  
  e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd
- SHA512
  
  e42721c6062dc72d5f6141a4bc21140e571259b97443a306debdaea72864d452c8b04429d66743db6915af57ce2ddcff352fe4962fe0eb2ef9b109237502d6a7
- SSDEEP
  
  3072:c5d+LO82n5TfpgX4h2XVCkFLq5c6Ka8tJ/OkZFw7RkxmJZs:cWLp2BOFCkFu57iJ/OkrGymI
Score

10^/10

smokeloader 2023 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoortrojan

behavioral2

smokeloader2023backdoordiscoverytrojan