smokeloader | 338e2378b54f3a94828bc23452f0b6e7bd7f69bc2fb13c618e727feafe61d1ee | Triage

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
23/09/2024, 01:07 UTC

Sharing

Report Analysis Logs

General

Target

338e2378b54f3a94828bc23452f0b6e7bd7f69bc2fb13c618e727feafe61d1ee.exe
Size

446KB
MD5

23b504ebcc23b1216f95bf578289d648
SHA1

01bdab9d9d491672974198075388cad941372e38
SHA256

338e2378b54f3a94828bc23452f0b6e7bd7f69bc2fb13c618e727feafe61d1ee
SHA512

3441ae4b1e119143fcc433ef53731150eb05a5ac6190c9b13a96386f76ad030cbe83a804abe3bc5f825d6841a98dae71646688599f5cf05dbe0b669a52f7944c
SSDEEP

6144:3Ba9JaOIl9S0CkEjkXuARDWoQpLz1LiHTlXb55FXCnFk:3cXaO+SteXuGVQ9z1LiHBrpSC

Score

10^/10

smokeloader pub3 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\338e2378b54f3a94828bc23452f0b6e7bd7f69bc2fb13c618e727feafe61d1ee.exe
"C:\Users\Admin\AppData\Local\Temp\338e2378b54f3a94828bc23452f0b6e7bd7f69bc2fb13c618e727feafe61d1ee.exe"
1⤵
PID:2212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2212-3-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2212-1-0x00000000025A0000-0x00000000026A0000-memory.dmp

Filesize
1024KB

Download
memory/2212-4-0x0000000000400000-0x0000000002488000-memory.dmp

Filesize
32.5MB

Download
memory/2212-5-0x0000000000400000-0x0000000002488000-memory.dmp

Filesize
32.5MB

Download