smokeloader | ae1f34b270215a9ae41bf027f0a6a350c8e9652e1e6067f79bb39348eb82d8c3 | Triage

Analysis

max time kernel
16s
max time network
16s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
15-12-2024 13:35

Sharing

Report Analysis Logs

General

Target

77d37a430a99108373307eb7c17ecdae4ea3aafb3065a803b264278522e41450.exe
Size

234KB
MD5

0b8bfba165a4a8362fc9306c3e9eb604
SHA1

b455f23deb8e502d106e5566087ff2b0b7dea047
SHA256

77d37a430a99108373307eb7c17ecdae4ea3aafb3065a803b264278522e41450
SHA512

3097f5390150cb912fcdf2c4c6d6259aae00c76b6fc9513f22727c4ef38187b3d5b53095f97af8d9b20af141197e0de082a09b7ff63694005f3567bf31fe02d9
SSDEEP

3072:C4pvTrLgd0u7jW245T0eDTfxph/OOkblrk2NiruKDUXJ2v40T2ui7le6:ZpXLO7jWoenf/pepLNKDXv9T2lhe6

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader
Smokeloader family
smokeloader

C:\Users\Admin\AppData\Local\Temp\77d37a430a99108373307eb7c17ecdae4ea3aafb3065a803b264278522e41450.exe
"C:\Users\Admin\AppData\Local\Temp\77d37a430a99108373307eb7c17ecdae4ea3aafb3065a803b264278522e41450.exe"
1⤵
PID:1656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1656-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1656-2-0x0000000000400000-0x0000000000458000-memory.dmp

Filesize
352KB

Download
memory/1656-1-0x0000000000520000-0x0000000000620000-memory.dmp

Filesize
1024KB

Download
memory/1656-3-0x0000000000220000-0x0000000000229000-memory.dmp

Filesize
36KB

Download
memory/1656-5-0x0000000000520000-0x0000000000620000-memory.dmp

Filesize
1024KB

Download