smokeloader | d930d0f44b5e128904dbdd312f055dee33144d2bd090699ef115967491341aba | Triage

Sharing

General

Target

d930d0f44b5e128904dbdd312f055dee33144d2bd090699ef115967491341aba
Size

125KB
Sample

241109-gyhpwszaml
MD5

88c3f2130baf1600b0fed50a0844bfc5
SHA1

49a8064f130ff2b972cfc78dc8d93bc6643f4d68
SHA256

d930d0f44b5e128904dbdd312f055dee33144d2bd090699ef115967491341aba
SHA512

506e7e1bdb1e7b00327cc3254cb7433844693ad773f6b202e0999c1e430c09efe2a4cec613696009c6c3f9b2469cd7cbbbecc5ac0ceed67949ec60eb960427a7
SSDEEP

1536:7c3iaGm/VEnvWjDgT0kXc6dNp1p7TCqy/s7J86zo0rj6sAnu6EctSeKFMMq19ws5:1TmUWwT08dNpnWoJxoq41Ee6GR9ZBkW

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  40ad36b8d5c67caa6dd5fed258a1dc0b6f051c85e231a5d74992ccdbbd7e7bff
- Size
  
  194KB
- MD5
  
  f1b49eaf4277df939f0e783df438ca9d
- SHA1
  
  723f9887f5d7608e1ec16f57c463def49809e88d
- SHA256
  
  40ad36b8d5c67caa6dd5fed258a1dc0b6f051c85e231a5d74992ccdbbd7e7bff
- SHA512
  
  50f3f1c0fd6b2061d921beb7fb662590b5e75c3e6f96915ba2ec1ca66f29bdb5e654484ecae9ec871eff2a0ed697291e1099125f32e70ca6da63282676efd17c
- SSDEEP
  
  3072:MX5rbaOGL7vzyBq5qZOtKrKW1Ee6GzpZhDI4:IxGLiBGgEe6GFD
Score

10^/10

smokeloader 2023 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoordiscoverytrojan

behavioral2

smokeloader2023backdoordiscoverytrojan