smokeloader | b3e002b025769c579a51cd24654c79cf806bf5cc57a63cf6da7da4560819d188 | Triage

Sharing

General

Target

b3e002b025769c579a51cd24654c79cf806bf5cc57a63cf6da7da4560819d188
Size

135KB
Sample

241109-ctfbravglc
MD5

e3f5e933da2f2a0b90294e06d6f479d9
SHA1

8b76aa934c902ae2ae4aa63a8b7072f4d451214f
SHA256

b3e002b025769c579a51cd24654c79cf806bf5cc57a63cf6da7da4560819d188
SHA512

5f4012090bcf692a4dcce3ff4cc70a04dfd21c3f221a61e2d6352ed4dc279fcb4f80ebb9b4bd474b7c81cb4f17fd60ca5babb115aefcdf5b4c48658a1a8dd515
SSDEEP

3072:FiIkxhiUFOvhXw1CltUf8rl610OlRS2osubpUgTgFV+C:FihFEpplS8s6ODhoswQFVn

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  1f9ac5a70e90d6438a808a923a5c628fd2a11b6222016ed73ce3c72576290296
- Size
  
  209KB
- MD5
  
  d60cf326cccb8e29eaf4a341c202b59b
- SHA1
  
  eb9c80873d31ee119556ed9c95efcd92f2d98f87
- SHA256
  
  1f9ac5a70e90d6438a808a923a5c628fd2a11b6222016ed73ce3c72576290296
- SHA512
  
  6e2919094ab82e08e3bcefb2a4c0141c7a9629621ebd5bb40262d170271a091a8e8035251014ce242e9c198a516d0acc46b3aa0d2c04477d04c44cb4bdb0a5db
- SSDEEP
  
  3072:fRXO3pFnKLSW4Ls/K5Ij+nFkx2Cm8rl610OlRS2osubLIdNs5W6:tgJKL8IX6FkxVm8s6ODhoswFR
Score

10^/10

smokeloader 2023 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoordiscoverytrojan

behavioral2

smokeloader2023backdoordiscoverytrojan