smokeloader | cf116d73d7f072530c4c937c785c116c423348f3aecc8a3ba0355495e5fc45f1 | Triage

Analysis

max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
22-08-2024 11:15

Sharing

Report Analysis Logs

General

Target

cf116d73d7f072530c4c937c785c116c423348f3aecc8a3ba0355495e5fc45f1.exe
Size

362KB
MD5

e9631cbe69b3ba045e356e1ee0300fed
SHA1

1890d1d037f5677992c85e8454c8c6f00cde797e
SHA256

cf116d73d7f072530c4c937c785c116c423348f3aecc8a3ba0355495e5fc45f1
SHA512

b7f88e6b9b0b36c452df422915c7c9d8996ef115f9f8ddcd32c62d8977402835463a594f30815765e084aebb50676f22344c5eed76c3e451b0fd7c8ea1c43f91
SSDEEP

3072:yFDhVlOzx78jaD98YbD0aCquvo3rHB6RXyPn0Xy/Xm6bQV1ijR6GPOr5IWOin9bn:kFGzx7z8taCqiobhqXW/2SYe6/N

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\cf116d73d7f072530c4c937c785c116c423348f3aecc8a3ba0355495e5fc45f1.exe
"C:\Users\Admin\AppData\Local\Temp\cf116d73d7f072530c4c937c785c116c423348f3aecc8a3ba0355495e5fc45f1.exe"
1⤵
PID:2960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2960-1-0x0000000000690000-0x0000000000790000-memory.dmp

Filesize
1024KB

Download
memory/2960-3-0x0000000000400000-0x00000000005ED000-memory.dmp

Filesize
1.9MB

Download
memory/2960-2-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2960-6-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2960-5-0x0000000000400000-0x00000000005ED000-memory.dmp

Filesize
1.9MB

Download