smokeloader | 220760deced8681d82f8ca7c0b919c268ceaae8162094862250d17a038b2d883 | Triage

Submit
Reports

Overview

overview

Static

static

4400-28-0x...ry.exe

windows7-x64

4400-28-0x...ry.exe

windows10-2004-x64

Sharing

General

Target

4400-28-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240429-trkbcsfc4x
MD5

34c785e024c6427d56eb2555a686fa0a
SHA1

8881c8f985f9443f7cd76a5c8744c979ab7975ca
SHA256

220760deced8681d82f8ca7c0b919c268ceaae8162094862250d17a038b2d883
SHA512

5ae668811dc6b3a22f3283f2a027338b13cf8790cdc1e0feda7f9e5be9321e763c8d2e50227b20e7df9a2b732b6f6c35f19abe4f98784905e623c9aeb574e99d
SSDEEP

768:dA7kbPCKW0V+ayregqjEsDT9UCbaEAviIaBhrhROW962OIv:d1lQayrzqjN9UspAK5hrh8W9ew

Score

10^/10

smokeloader pub3 backdoor trojan

Static task

static1

pub3 smokeloader

2 signatures

Behavioral task

behavioral1

Sample

4400-28-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win7-20240221-en

smokeloader backdoor trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

4400-28-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win10v2004-20240419-en

smokeloader backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  4400-28-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  34c785e024c6427d56eb2555a686fa0a
- SHA1
  
  8881c8f985f9443f7cd76a5c8744c979ab7975ca
- SHA256
  
  220760deced8681d82f8ca7c0b919c268ceaae8162094862250d17a038b2d883
- SHA512
  
  5ae668811dc6b3a22f3283f2a027338b13cf8790cdc1e0feda7f9e5be9321e763c8d2e50227b20e7df9a2b732b6f6c35f19abe4f98784905e623c9aeb574e99d
- SSDEEP
  
  768:dA7kbPCKW0V+ayregqjEsDT9UCbaEAviIaBhrhROW962OIv:d1lQayrzqjN9UspAK5hrh8W9ew
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

pub3smokeloader

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy