smokeloader | 54d8bcd64a7f6673503c880e30cc80432525f6b9261f3d1182c4494f9074197d | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
19-08-2024 07:12

Sharing

Report Analysis Logs

General

Target

83c412d8444c58a4c149e83daa15d057.exe
Size

215KB
MD5

83c412d8444c58a4c149e83daa15d057
SHA1

ef0718704b80d3afa07e33a3fae034efcda4d6b4
SHA256

54d8bcd64a7f6673503c880e30cc80432525f6b9261f3d1182c4494f9074197d
SHA512

79391c1a6369e1bc49ad2df75ee09de124a57648fc58acf5f560bee4e7e34d5da8d5ce81337f8f2f26ddb7dfaacdb653091089a108de22ce0bca39e9aef2c6c5
SSDEEP

3072:T3OLGSM9W6dBxs0vyty6pV4LG5VcQJUkJTtm85Dg:iLGSMJxsEywILfcQ9o

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\83c412d8444c58a4c149e83daa15d057.exe
"C:\Users\Admin\AppData\Local\Temp\83c412d8444c58a4c149e83daa15d057.exe"
1⤵
PID:2432

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2432-3-0x0000000000220000-0x000000000022B000-memory.dmp

Filesize
44KB

Download
memory/2432-4-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2432-2-0x0000000000610000-0x0000000000710000-memory.dmp

Filesize
1024KB

Download
memory/2432-1-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2432-5-0x0000000000610000-0x0000000000710000-memory.dmp

Filesize
1024KB

Download