smokeloader | c0369fbb6f2a36595412c0341648c0b7e96d3ed27d5992dfc96c112d6b011962 | Triage

Submit
Reports

Overview

overview

Static

static

1072-3-0x0...ry.exe

windows7-x64

1072-3-0x0...ry.exe

windows10-2004-x64

Sharing

General

Target

1072-3-0x0000000000400000-0x000000000040B000-memory.dmp
Size

44KB
Sample

240527-yazf6sfd6x
MD5

0b04bb945ba60f5bb1651d3b6218b06e
SHA1

6bc1fba2f0e6d8190e63ffe8646d324f712a9dac
SHA256

c0369fbb6f2a36595412c0341648c0b7e96d3ed27d5992dfc96c112d6b011962
SHA512

0fdf213f32c91651692351b8dad7e2228d05362f3306e0145affdf79106a75cd3aab28355f0614f03fca5a07e444fe23de448a415b540c0530395e637fe4b313
SSDEEP

768:yRQB1CTSqoHXQkkU3NIZjKQu/MGQ2lsDBw7en:yRc0YQmNIZreMp28O7Y

Score

10^/10

smokeloader pub3 backdoor trojan

Static task

static1

pub3 smokeloader

2 signatures

Behavioral task

behavioral1

Sample

1072-3-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win7-20240508-en

smokeloader backdoor trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

1072-3-0x0000000000400000-0x000000000040B000-memory.exe

Resource

win10v2004-20240508-en

smokeloader backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Targets

- Target
  
  1072-3-0x0000000000400000-0x000000000040B000-memory.dmp
- Size
  
  44KB
- MD5
  
  0b04bb945ba60f5bb1651d3b6218b06e
- SHA1
  
  6bc1fba2f0e6d8190e63ffe8646d324f712a9dac
- SHA256
  
  c0369fbb6f2a36595412c0341648c0b7e96d3ed27d5992dfc96c112d6b011962
- SHA512
  
  0fdf213f32c91651692351b8dad7e2228d05362f3306e0145affdf79106a75cd3aab28355f0614f03fca5a07e444fe23de448a415b540c0530395e637fe4b313
- SSDEEP
  
  768:yRQB1CTSqoHXQkkU3NIZjKQu/MGQ2lsDBw7en:yRc0YQmNIZreMp28O7Y
Score

10^/10

smokeloader backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

pub3smokeloader

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy