smokeloader | d9546acf6e68ce1ed866c2f06bb34ee33441efd7a315e061f0b6d37f200af23b | Triage

Submit
Reports

Overview

overview

Static

static

964-3-0x00...ry.exe

windows7-x64

964-3-0x00...ry.exe

windows10-2004-x64

Sharing

General

Target

964-3-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240522-p2j15aca5y
MD5

cf8fad35bab1927396014d7ba84044aa
SHA1

c0649520a92d672a11cc2676c9cfb8f1daf34c59
SHA256

d9546acf6e68ce1ed866c2f06bb34ee33441efd7a315e061f0b6d37f200af23b
SHA512

50372a098955ac6f888141c50892ba4421a2aeb6b370b2d548e1e23f7ae22d2d4c701c270ad07b9fc13d406b97965db23ec1bfe948a085869ad6a6d57f2bd798
SSDEEP

768:O2fNN6rUCUsNJrlhRtSEObrfWrZrZZGazbv61kTtnIx1y0qWb:OQNsrIUFP7sbrOZXGaXi1kyG0P

Score

10^/10

smokeloader sel2 backdoor trojan

Static task

static1

sel2 smokeloader

2 signatures

Behavioral task

behavioral1

Sample

964-3-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win7-20240221-en

smokeloader backdoor trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

964-3-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win10v2004-20240508-en

smokeloader backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

sel2

Targets

- Target
  
  964-3-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  cf8fad35bab1927396014d7ba84044aa
- SHA1
  
  c0649520a92d672a11cc2676c9cfb8f1daf34c59
- SHA256
  
  d9546acf6e68ce1ed866c2f06bb34ee33441efd7a315e061f0b6d37f200af23b
- SHA512
  
  50372a098955ac6f888141c50892ba4421a2aeb6b370b2d548e1e23f7ae22d2d4c701c270ad07b9fc13d406b97965db23ec1bfe948a085869ad6a6d57f2bd798
- SSDEEP
  
  768:O2fNN6rUCUsNJrlhRtSEObrfWrZrZZGazbv61kTtnIx1y0qWb:OQNsrIUFP7sbrOZXGaXi1kyG0P
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

sel2smokeloader

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy