smokeloader | bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac | Triage

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
23-08-2024 10:17

Sharing

Report Analysis Logs

General

Target

bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac.exe
Size

207KB
MD5

4777e7f05fd00c4d760eb3f2c9aed68b
SHA1

1cc060d5b056c66f41f81f75c6c3a7ac33c5a8ca
SHA256

bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac
SHA512

07279383e308db0c66480d29076b247d6925a17c7b3188176277eaac52e2a362b88297a028f71d6ac985efc1b6963aae6665ae03c7539f30a632f48d396c99cb
SSDEEP

3072:IrWdgWAjvWA/mQrhj5PV+5HV0tr7L/G5gdSe4+NtM:IrHtvWAh7+KSe4

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac.exe
"C:\Users\Admin\AppData\Local\Temp\bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac.exe"
1⤵
PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2200-1-0x00000000005A0000-0x00000000006A0000-memory.dmp

Filesize
1024KB

Download
memory/2200-3-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download
memory/2200-2-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2200-4-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download
memory/2200-5-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download