smokeloader | 202d7437f373c1ee4da3733e9445a521d9395c604ad8ec5e25cd4799d60ac754 | Triage

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
04/11/2024, 19:18

Sharing

Report Analysis Logs

General

Target

202d7437f373c1ee4da3733e9445a521d9395c604ad8ec5e25cd4799d60ac754.exe
Size

186KB
MD5

f46f9009978c8a89c1dc71c76e2e8a5f
SHA1

1fcdb6d314c2d3609bae1faf8cd31197b7ce28ec
SHA256

202d7437f373c1ee4da3733e9445a521d9395c604ad8ec5e25cd4799d60ac754
SHA512

ac830a5626e609c19fcc65cdc58e9448a0118f1b3096281308f74425aa8efc720a8fc69d1e954ee55e3ec3a69d39e288d25b5625810b6fee02db34922ec2fa42
SSDEEP

3072:VvpokLTeW8qG5txEn8j4g5yaiIyrUkbHJUODvq13ZhAJBA1e:BLTqqqC8j4FPlrUkbMrKBA1e

Score

10^/10

smokeloader 2023 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader
Smokeloader family
smokeloader

C:\Users\Admin\AppData\Local\Temp\202d7437f373c1ee4da3733e9445a521d9395c604ad8ec5e25cd4799d60ac754.exe
"C:\Users\Admin\AppData\Local\Temp\202d7437f373c1ee4da3733e9445a521d9395c604ad8ec5e25cd4799d60ac754.exe"
1⤵
PID:2516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2516-3-0x0000000000220000-0x0000000000229000-memory.dmp

Filesize
36KB

Download
memory/2516-2-0x0000000000400000-0x000000000044C000-memory.dmp

Filesize
304KB

Download
memory/2516-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2516-1-0x00000000004F0000-0x00000000005F0000-memory.dmp

Filesize
1024KB

Download