smokeloader | e2a7f3f96c3d37c121939e293c68ed5a49d9c3a0ae30e646430e7c8f04338f40 | Triage

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
09-10-2024 14:04

Sharing

Report Analysis Logs

General

Target

e2a7f3f96c3d37c121939e293c68ed5a49d9c3a0ae30e646430e7c8f04338f40.exe
Size

218KB
MD5

506572dc9e0784a122652c792b6dbdc4
SHA1

891d36b5b100cd647d9c231ea6c36b26728ceea6
SHA256

e2a7f3f96c3d37c121939e293c68ed5a49d9c3a0ae30e646430e7c8f04338f40
SHA512

cf700aa3858e0e547562a3e41d388090d53330b6194e50729732db197bf82616e82592706a8daa5d0969d49acba548fdd869d05dad6da7151a58249291552662
SSDEEP

3072:LELgQvpKcUJTV5nEG2MfHdPwi548Ewv6ClhJNCA43/6o5E4CA43/6XoIE:LELgQvELJn79vTHRNvTotvT4

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\e2a7f3f96c3d37c121939e293c68ed5a49d9c3a0ae30e646430e7c8f04338f40.exe
"C:\Users\Admin\AppData\Local\Temp\e2a7f3f96c3d37c121939e293c68ed5a49d9c3a0ae30e646430e7c8f04338f40.exe"
1⤵
PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2248-1-0x0000000000980000-0x0000000000A80000-memory.dmp

Filesize
1024KB

Download
memory/2248-2-0x0000000000220000-0x000000000022B000-memory.dmp

Filesize
44KB

Download
memory/2248-3-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2248-5-0x0000000000220000-0x000000000022B000-memory.dmp

Filesize
44KB

Download
memory/2248-4-0x0000000000400000-0x0000000000531000-memory.dmp

Filesize
1.2MB

Download