smokeloader | 87fadf46f276cd5c972ae1efb0d0b74f80e852a7f1df0a32ef734c19fb4144b3 | Triage

Analysis

max time kernel
13s
max time network
19s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
20/08/2024, 11:45

Sharing

Report Analysis Logs

General

Target

f356ae4e6eab44fdca3ba523d18102ea.exe
Size

214KB
MD5

f356ae4e6eab44fdca3ba523d18102ea
SHA1

c993dcca3bdcd23198c751edcc9ead06c4115ceb
SHA256

87fadf46f276cd5c972ae1efb0d0b74f80e852a7f1df0a32ef734c19fb4144b3
SHA512

f78311ad8a45f3cd5d63ac2a3648240afba19366d72a5ead96154c4f36a0056fce9b098f6fd7353d0eb9bf891ce17c8134661747926e510a26eff00edf27c367
SSDEEP

3072:qOKL7HwqoCb0j4Gz6Q14AICqvEjL6nihi10E5UuKmH1:ELTwqJ0jh+tAwEjQihicu

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\f356ae4e6eab44fdca3ba523d18102ea.exe
"C:\Users\Admin\AppData\Local\Temp\f356ae4e6eab44fdca3ba523d18102ea.exe"
1⤵
PID:2344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2344-1-0x00000000002B0000-0x00000000003B0000-memory.dmp

Filesize
1024KB

Download
memory/2344-2-0x00000000001B0000-0x00000000001BB000-memory.dmp

Filesize
44KB

Download
memory/2344-3-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2344-5-0x00000000001B0000-0x00000000001BB000-memory.dmp

Filesize
44KB

Download
memory/2344-4-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download
memory/2344-6-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download