smokeloader | ff0d6f0dfe38dc28a2f053a74f67a88d26d27a9aaa66c5a9f270d413e7fa6f4c | Triage

Sharing

General

Target

ff0d6f0dfe38dc28a2f053a74f67a88d26d27a9aaa66c5a9f270d413e7fa6f4c
Size

128KB
Sample

241107-s1b6nsvejl
MD5

06dac069b1b6782736cce2340af248f2
SHA1

2611cab9e5dea6a13dac82be051f3fbd73534d30
SHA256

ff0d6f0dfe38dc28a2f053a74f67a88d26d27a9aaa66c5a9f270d413e7fa6f4c
SHA512

d3c1ae9f1a5cd66995524fc3118ee198a431de61ea846d8bd5b273bf943daef31c97a220e006b4a6f19787af7277a77d4e43606aee78c9ec5b59d745901ca19f
SSDEEP

3072:8kAQLksysunwCfxFe8/cmhZWxq8H+pSpdFSo4U6D+S0wnJmD:NNcs9CJbkmhU7e4H6D+S/4

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  6b2b19e169923a9765c225d8904983a3b7421e0d7c0e8df299721e55dbe8c01a.exe
- Size
  
  199KB
- MD5
  
  0f96ac0abaa4099338368210a30ae062
- SHA1
  
  aca8a444bd49435ccd9ad81b831692ee0dfbec22
- SHA256
  
  6b2b19e169923a9765c225d8904983a3b7421e0d7c0e8df299721e55dbe8c01a
- SHA512
  
  e73b2d2be5eb9e648e48c2e85b62176d043dbd8f1def68a934738496715c5d7cf067b05b7309268d63a0d79d5776375bda57765505392fbe9103e0cc3906c593
- SSDEEP
  
  3072:d1TOV1j3PIktBlwLL6vJwwYvFv4pA8ggl6S5:nyVZfIktILLuJw3vh4Jlr
Score

10^/10

smokeloader 2023 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoordiscoverytrojan

behavioral2

smokeloader2023backdoordiscoverytrojan