smokeloader | fa7a8268e4e1f626806c785b6db0a7b11b7df57ac19e1a63218cbbfd741470e0 | Triage

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21-10-2024 05:31

Sharing

Report Analysis Logs

General

Target

fa7a8268e4e1f626806c785b6db0a7b11b7df57ac19e1a63218cbbfd741470e0.exe
Size

40KB
MD5

96a304de083d6ad5724b444a1de440a7
SHA1

82ac735690e16fd8aa08e9dd20bcac341a804e0e
SHA256

fa7a8268e4e1f626806c785b6db0a7b11b7df57ac19e1a63218cbbfd741470e0
SHA512

3ca87b1605b570e1060aa65910ccfae877c54e8fa63398f36cbdb733f47f67d52df07bd0e071b518f41e0841c24968998b5f7b3d56ac645b62022d7b9bdfb601
SSDEEP

768:cG9Gio1cg1eFPFssvqYgMEZEVRsulWudZfDGN8J0cGyj0l:c2o1NeF/vJnjVRssPjf5PGJl

Score

10^/10

smokeloader pub2 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader

C:\Users\Admin\AppData\Local\Temp\fa7a8268e4e1f626806c785b6db0a7b11b7df57ac19e1a63218cbbfd741470e0.exe
"C:\Users\Admin\AppData\Local\Temp\fa7a8268e4e1f626806c785b6db0a7b11b7df57ac19e1a63218cbbfd741470e0.exe"
1⤵
PID:2344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2344-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2344-1-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download