smokeloader | 9bae1f2d30c7bd606c017c6473d8eee2663e2e14da3a5f777e9c6c5be5f8a5ed | Triage

Submit
Reports

Overview

overview

Static

static

2944-58-0x...ry.exe

windows7-x64

2944-58-0x...ry.exe

windows10-2004-x64

Sharing

General

Target

2944-58-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240522-wznd4abg92
MD5

c05b0fa9c5066c606fd5b28e9c0e4fbc
SHA1

a0b60655112ff8c3da21285506e733a84a91842d
SHA256

9bae1f2d30c7bd606c017c6473d8eee2663e2e14da3a5f777e9c6c5be5f8a5ed
SHA512

0ba802310dab991a505355634b4d5ae68c26e8537e064bbd599b36a9bdf12306349bbec7dcd77083333edaf3ad719532a062f541904e2ca738e2bd2c5e5fdb5a
SSDEEP

768:XSix54L6rBbRra6CsNvJJVqsZ3+TZ/aRodiZ7Q:i5L6Y6PNvJF32R6ogC

Score

10^/10

smokeloader pub2 backdoor trojan

Static task

static1

pub2 smokeloader

2 signatures

Behavioral task

behavioral1

Sample

2944-58-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win7-20240508-en

smokeloader backdoor trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

2944-58-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win10v2004-20240508-en

smokeloader backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Targets

- Target
  
  2944-58-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  c05b0fa9c5066c606fd5b28e9c0e4fbc
- SHA1
  
  a0b60655112ff8c3da21285506e733a84a91842d
- SHA256
  
  9bae1f2d30c7bd606c017c6473d8eee2663e2e14da3a5f777e9c6c5be5f8a5ed
- SHA512
  
  0ba802310dab991a505355634b4d5ae68c26e8537e064bbd599b36a9bdf12306349bbec7dcd77083333edaf3ad719532a062f541904e2ca738e2bd2c5e5fdb5a
- SSDEEP
  
  768:XSix54L6rBbRra6CsNvJJVqsZ3+TZ/aRodiZ7Q:i5L6Y6PNvJF32R6ogC
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

pub2smokeloader

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy