smokeloader | 1b69a9c37210a79131c5cbcfaa4163fb5027989b4537b43a5a6cf6f40a4bab1a | Triage

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
27-05-2024 14:12

Sharing

Report Analysis Logs

General

Target

1b69a9c37210a79131c5cbcfaa4163fb5027989b4537b43a5a6cf6f40a4bab1a.exe
Size

40KB
MD5

a93525f5f13c811e90c56492f5ac934a
SHA1

37fb7a8b8903f4b614cec214f0ff0c69c88a1864
SHA256

1b69a9c37210a79131c5cbcfaa4163fb5027989b4537b43a5a6cf6f40a4bab1a
SHA512

3d6267f5ba8fe3aef759559d7358d6418edaa927e9c6c5832ca4bb0703498db6dc69f196715c14dfc727f3487a297c6201a5243bd1a762e3d5a1eb800ef13b3d
SSDEEP

768:yBQB1CTmqUQHXQkkU3NIZjKQu/MGQ2lsDBw7en:yBc0+yQmNIZreMp28O7Y

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\1b69a9c37210a79131c5cbcfaa4163fb5027989b4537b43a5a6cf6f40a4bab1a.exe
"C:\Users\Admin\AppData\Local\Temp\1b69a9c37210a79131c5cbcfaa4163fb5027989b4537b43a5a6cf6f40a4bab1a.exe"
1⤵
PID:2236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2236-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2236-1-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download