smokeloader | c166b490846d441400727765dd668262087642bae1bbfd7aaf7a1bed5aa35b62 | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
26-05-2024 08:21

Sharing

Report Analysis Logs

General

Target

4.exe
Size

234KB
MD5

73ddf9a7f42e0452b6aa00f4e0a0afd5
SHA1

79ea2d473e72751803c9650ae5c6b144a0aa4879
SHA256

c166b490846d441400727765dd668262087642bae1bbfd7aaf7a1bed5aa35b62
SHA512

c7931368fffeb684c6de5a7affe168f11c1e1d5fed5f843fb0ff98f393c49909e202fb7d500f126097f5e5ddf69beb1fe900c27bd918c2d8d4a69c451b053ed5
SSDEEP

3072:a5My9dAbFfJ30bYKMy+WlmKwkGLVmWDju8Ogxsqtoe8MGRT8:UUbFfJEb7LM5t9OgfdaRT

Score

10^/10

smokeloader pub4 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\4.exe
"C:\Users\Admin\AppData\Local\Temp\4.exe"
1⤵
PID:2024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2024-2-0x0000000002DC0000-0x0000000002EC0000-memory.dmp

Filesize
1024KB

Download
memory/2024-3-0x0000000000220000-0x000000000022B000-memory.dmp

Filesize
44KB

Download
memory/2024-4-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2024-1-0x0000000000400000-0x0000000002C9A000-memory.dmp

Filesize
40.6MB

Download