smokeloader | c27e2d17cf286c37d3691b278c530c70911950db0c7bbc4e57523ecf325f1547 | Triage

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
22-09-2024 18:42

Sharing

Report Analysis Logs

General

Target

file.exe
Size

249KB
MD5

d56bea8714d3b0d71a4905b3e9103e03
SHA1

f87548174e258b4e9aaf02a76d28874b87413f54
SHA256

c27e2d17cf286c37d3691b278c530c70911950db0c7bbc4e57523ecf325f1547
SHA512

ca1cda273c0f828fb1773ae7fb06e01be85416b757777461db460a4c421802d0d33e2f5a23823197767871531efbce8eb65adf0cb7f716994ad7ea2e10fafa37
SSDEEP

3072:/QGHLMg57JJiTFgV5qzHXROliutbzQ9EH12gu5TlssAxaxBAUf7J:oGHLMwlEyViOAIg9EYBAel

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2060-4-0x0000000000230000-0x0000000000330000-memory.dmp

Filesize
1024KB

Download
memory/2060-3-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2060-1-0x0000000000400000-0x000000000053A000-memory.dmp

Filesize
1.2MB

Download
memory/2060-2-0x00000000003A0000-0x00000000003AB000-memory.dmp

Filesize
44KB

Download