smokeloader | dd4ff1b8b990b4cee33d9f2504e1167c27d352a1be0b8a9e80469176e34a6010 | Triage

Submit
Reports

Overview

overview

Static

static

804-6-0x00...ry.exe

windows7-x64

804-6-0x00...ry.exe

windows10-2004-x64

Sharing

General

Target

804-6-0x0000000000400000-0x0000000000409000-memory.dmp
Size

36KB
Sample

240503-kmklwsch98
MD5

dfa5eb9f31696dba0c4bd0e124ccbfae
SHA1

780a49a4b56ecb7407e01032c0ca0155ac63255f
SHA256

dd4ff1b8b990b4cee33d9f2504e1167c27d352a1be0b8a9e80469176e34a6010
SHA512

4fc42f7d35f455efbfe01f165a838080705a5a2412edfd0aade27fcf7748be117865a1e530f830b7e2c224f50f66d82ba1e062afbe2fb757575f6d598b1ab562
SSDEEP

768:OkUqYDNTIoKpDd1KM02kQhx4hOtFceWzYqvz0bOS:zLiRLKtd1PBkQD4UtFceWnz

Score

10^/10

smokeloader pub1 backdoor trojan

Static task

static1

pub1 smokeloader

2 signatures

Behavioral task

behavioral1

Sample

804-6-0x0000000000400000-0x0000000000409000-memory.exe

Resource

win7-20240215-en

smokeloader backdoor trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

804-6-0x0000000000400000-0x0000000000409000-memory.exe

Resource

win10v2004-20240419-en

smokeloader backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  804-6-0x0000000000400000-0x0000000000409000-memory.dmp
- Size
  
  36KB
- MD5
  
  dfa5eb9f31696dba0c4bd0e124ccbfae
- SHA1
  
  780a49a4b56ecb7407e01032c0ca0155ac63255f
- SHA256
  
  dd4ff1b8b990b4cee33d9f2504e1167c27d352a1be0b8a9e80469176e34a6010
- SHA512
  
  4fc42f7d35f455efbfe01f165a838080705a5a2412edfd0aade27fcf7748be117865a1e530f830b7e2c224f50f66d82ba1e062afbe2fb757575f6d598b1ab562
- SSDEEP
  
  768:OkUqYDNTIoKpDd1KM02kQhx4hOtFceWzYqvz0bOS:zLiRLKtd1PBkQD4UtFceWnz
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

pub1smokeloader

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy