smokeloader | b7728759616789c10bd8d1c1c9a97a04f4c5fce5a5c90c45bb4c7bb28ee67f73 | Triage

Sharing

General

Target

b7728759616789c10bd8d1c1c9a97a04f4c5fce5a5c90c45bb4c7bb28ee67f73.exe
Size

334KB
Sample

241122-wstyas1nel
MD5

0896d92559715e8397719e4ffaf120c0
SHA1

08432e449c7c93682d58db6dc065b42d2f0b424e
SHA256

b7728759616789c10bd8d1c1c9a97a04f4c5fce5a5c90c45bb4c7bb28ee67f73
SHA512

e747c00d9a4f74a15aab2ee089c8d30d2b1223130625493d07262233e27b9e47b43bb78dc0bb73015d829f4ec46a2a61fc3474b14a202809616d097072750974
SSDEEP

6144:06AEyGaYMOZjlRRfCqS+Uks961NEQC3jO51Nb565ztcZ4j+GsFylG:iEs4XaMUj+Nvj6AZ4jeFylG

Score

10^/10

smokeloader li11 backdoor discovery trojan

Malware Config

Extracted

Family

smokeloader

Botnet

li11

Targets

- Target
  
  b7728759616789c10bd8d1c1c9a97a04f4c5fce5a5c90c45bb4c7bb28ee67f73.exe
- Size
  
  334KB
- MD5
  
  0896d92559715e8397719e4ffaf120c0
- SHA1
  
  08432e449c7c93682d58db6dc065b42d2f0b424e
- SHA256
  
  b7728759616789c10bd8d1c1c9a97a04f4c5fce5a5c90c45bb4c7bb28ee67f73
- SHA512
  
  e747c00d9a4f74a15aab2ee089c8d30d2b1223130625493d07262233e27b9e47b43bb78dc0bb73015d829f4ec46a2a61fc3474b14a202809616d097072750974
- SSDEEP
  
  6144:06AEyGaYMOZjlRRfCqS+Uks961NEQC3jO51Nb565ztcZ4j+GsFylG:iEs4XaMUj+Nvj6AZ4jeFylG
Score

10^/10

smokeloader li11 backdoor discovery trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Smokeloader family
  smokeloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderli11backdoordiscoverytrojan

behavioral2

smokeloaderli11backdoordiscoverytrojan