smokeloader | 811b60f8cd5376cf27d66826ff9bd0207af20b7eb980829f55928db493767651 | Triage

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
26-09-2024 01:56

Sharing

Report Analysis Logs

General

Target

811b60f8cd5376cf27d66826ff9bd0207af20b7eb980829f55928db493767651.exe
Size

199KB
MD5

de377b751dc64e3b85b2a4ff2ea15394
SHA1

7f758a51a3237f3d224df16211cad66c3d2324ad
SHA256

811b60f8cd5376cf27d66826ff9bd0207af20b7eb980829f55928db493767651
SHA512

508cc5448ec3eb27c964d0d97ebaec2cb53c0b6344375b6475df94ca7a822746d03536b165cda068904e4b326baa38fce1ee35e814f17baf621bc94e41f371be
SSDEEP

3072:NLPHH9MaAOsh1P/X2Nou5Gc9EEDniMb25dyU1:NLPHH9MaAOsvP/X2vDiN

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\811b60f8cd5376cf27d66826ff9bd0207af20b7eb980829f55928db493767651.exe
"C:\Users\Admin\AppData\Local\Temp\811b60f8cd5376cf27d66826ff9bd0207af20b7eb980829f55928db493767651.exe"
1⤵
PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2196-1-0x0000000000540000-0x0000000000640000-memory.dmp

Filesize
1024KB

Download
memory/2196-3-0x0000000000400000-0x0000000000445000-memory.dmp

Filesize
276KB

Download
memory/2196-2-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download