smokeloader | 610edded4b537b64563e6f8aa35199aeb794d2011ceb36bc00551e4f84c803ad | Triage

Sharing

General

Target

610edded4b537b64563e6f8aa35199aeb794d2011ceb36bc00551e4f84c803ad
Size

126KB
Sample

241111-ebrcea1pav
MD5

04995e97c6f97ecc1047712720fa4032
SHA1

e305f0873e8a34abf58a1be6317b7ca22523bcf8
SHA256

610edded4b537b64563e6f8aa35199aeb794d2011ceb36bc00551e4f84c803ad
SHA512

ed54af2ec6564d163e319f19169be61877d8c12fce1f850e52b84769f4a61250615bdaf41721441a85c2c631ca1bff9d4bc4dfc0192eaf8f187ca1d48a2b1b5e
SSDEEP

3072:IV6ZkzUfje1b2Zwl0jhwpKF96LxIdjw3KmpaDNPm8/Vffh:I4NfjeGW696LU6KZDZm8/z

Score

10^/10

smokeloader 2023 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Targets

- Target
  
  56b9bba4f6d51f0a1c21d62614d87f946ae7464629ef27abc48ecf14dd1e684e
- Size
  
  186KB
- MD5
  
  75e60b6084c6716bba7f221ef5e0ccf3
- SHA1
  
  03b9529cdb1ef763dfad4e89e1f68d5fcb4ec4c2
- SHA256
  
  56b9bba4f6d51f0a1c21d62614d87f946ae7464629ef27abc48ecf14dd1e684e
- SHA512
  
  d1bc21b931f300c724d2bd0f1891deb656304fc0e77ee95b26d47e7020a000311b2aed9c33578607cac7a228147d3e6950e14d2a73bd1bca177a53074da315e6
- SSDEEP
  
  3072:xKy4fUvJnLIWsWHrWo5svBmujw3KmpaDNPm5EWybG:sy3LIWsY836KZDZm5EWy
Score

10^/10

smokeloader 2023 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloader2023backdoordiscoverytrojan

behavioral2

smokeloader2023backdoordiscoverytrojan