smokeloader | 5e76223b4ec53240790dbdb1a2937774f48094711ee0cf2a5906ffd8e727e519 | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
18-10-2024 13:21

Sharing

Report Analysis Logs

General

Target

ddea2e8fdf71f225d8edebe0034e589f.exe
Size

421KB
MD5

ddea2e8fdf71f225d8edebe0034e589f
SHA1

b8c92917f1fe79d3595c7cdcd4c157eae69c7ba6
SHA256

5e76223b4ec53240790dbdb1a2937774f48094711ee0cf2a5906ffd8e727e519
SHA512

a924639de2b707d8e1aba9b7b5c1b2aa0cccb6e5e03513724cc0dd3049ebdc295d09b655f3fdb2c920de15a3847df99ded5e4a241af22d42ef43d61c88e3cb7e
SSDEEP

6144:C9L6WkBljkkvOqysCusnDXebpcOB3FyxMfb9ObhzQ5D/7sFj5:22WkBdhvOfuK+p/B3FyGbUbhQ5M

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\ddea2e8fdf71f225d8edebe0034e589f.exe
"C:\Users\Admin\AppData\Local\Temp\ddea2e8fdf71f225d8edebe0034e589f.exe"
1⤵
PID:304

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/304-0-0x0000000000220000-0x000000000024C000-memory.dmp

Filesize
176KB

Download
memory/304-1-0x0000000000250000-0x000000000025B000-memory.dmp

Filesize
44KB

Download
memory/304-2-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/304-3-0x0000000000400000-0x0000000000479000-memory.dmp

Filesize
484KB

Download
memory/304-5-0x0000000000220000-0x000000000024C000-memory.dmp

Filesize
176KB

Download
memory/304-6-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/304-4-0x0000000000250000-0x000000000025B000-memory.dmp

Filesize
44KB

Download