smokeloader | 161c8f7105c34c8dbef95980a74183a3a5d2f36fb98e0ec516fd543a87cc1079 | Triage

Sharing

General

Target

161c8f7105c34c8dbef95980a74183a3a5d2f36fb98e0ec516fd543a87cc1079
Size

140KB
Sample

241109-mzgrwawkfl
MD5

a6cc509df4803b05295b0d5671a57718
SHA1

7deabd2545d7a5dd9e42b6c6cdfcd45b88608827
SHA256

161c8f7105c34c8dbef95980a74183a3a5d2f36fb98e0ec516fd543a87cc1079
SHA512

b399191b6175312ec2ce5cca7bd0ab5ed3f809907028e0445ffc8abfcd81408cc5abf05c86d63940f64c5d1dd1ad54040852f4ced1cfca6e96999e3cb57c0d3a
SSDEEP

3072:ZIkimGAPYI3y213LbAVwh9rXCnNRAXuHP2Q2xzDxAqmgaQMp0WmN6PIWD:ZAmGmYIL13ngwhtSn4+h2xZjlnNWmN6n

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  842f4b4369331da215a52c5af21720d30d799557e41e493892f76078c18a4b49
- Size
  
  223KB
- MD5
  
  bfbfca5f9c558bf3171f999ba3459d12
- SHA1
  
  ced296dd2fa34b9b52cdb01e238af34dd8414399
- SHA256
  
  842f4b4369331da215a52c5af21720d30d799557e41e493892f76078c18a4b49
- SHA512
  
  59150c481eb0544897b09c53f52cd00f1068f410234c947ab24e96948713d6fb129ac01a98a747d84d918003555c7177e1cf40abd1cb099e2fb0d43ec0ca72a1
- SSDEEP
  
  3072:WDwILGHLb55+98kVwAgmv9LKxW42MLauDgI7H4f/ln:qLGrfkgm1XMLaMgIS
Score

10^/10

smokeloader 2023 backdoor trojan discovery
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoortrojan

behavioral2

smokeloader2023backdoordiscoverytrojan