smokeloader | 919e028e6404fd8b902500a8b28387b2d336fe80ab1a0b3ba9924468a4aee0e2 | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
07-11-2024 08:08

Sharing

Report Analysis Logs

General

Target

e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd.exe
Size

231KB
MD5

ff58b2c40941c7066739fe425f01d928
SHA1

ea2044c506fcea503f82fe1bc74c031db636aa59
SHA256

e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd
SHA512

e42721c6062dc72d5f6141a4bc21140e571259b97443a306debdaea72864d452c8b04429d66743db6915af57ce2ddcff352fe4962fe0eb2ef9b109237502d6a7
SSDEEP

3072:c5d+LO82n5TfpgX4h2XVCkFLq5c6Ka8tJ/OkZFw7RkxmJZs:cWLp2BOFCkFu57iJ/OkrGymI

Score

10^/10

smokeloader 2023 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

2023

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader
Smokeloader family
smokeloader

C:\Users\Admin\AppData\Local\Temp\e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd.exe
"C:\Users\Admin\AppData\Local\Temp\e9f8b316306170264c2640f235e5d7dd2470d74123566509d7a21984778720dd.exe"
1⤵
PID:1196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1196-1-0x0000000000500000-0x0000000000600000-memory.dmp

Filesize
1024KB

Download
memory/1196-2-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1196-5-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1196-4-0x0000000000400000-0x000000000045E000-memory.dmp

Filesize
376KB

Download
memory/1196-3-0x0000000000400000-0x000000000045E000-memory.dmp

Filesize
376KB

Download