smokeloader | bc27b3afc72c925df021166fccc262ccf75e2be6f8b04c6772ed36ee8d5a1de0 | Triage

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
07-02-2025 05:14

Sharing

Report Analysis Logs

General

Target

a059d671d950abee93ef78a170d58a3839c2a465914ab3bd5411e39c89ae55a2.exe
Size

249KB
MD5

6476071b5a91ac078350768dc9b2e953
SHA1

f40fcb5af96c56305a64790ccbaa261c10173782
SHA256

a059d671d950abee93ef78a170d58a3839c2a465914ab3bd5411e39c89ae55a2
SHA512

87784413018fea89dff5763d08e00d878af9a3db6b29708dec6fe0d0d3feb4eb8f3efc5c27851d13eb779bd3dedebdcc5958e349b8acc03102f8be6b0dd78f9d
SSDEEP

6144:H5LCUgHU2L8e3oGdA0UkzFYc5NHuPCYE:H5GUyUC7oeARkjSCYE

Score

10^/10

smokeloader backdoor trojan

Malware Config

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader
Smokeloader family
smokeloader

C:\Users\Admin\AppData\Local\Temp\a059d671d950abee93ef78a170d58a3839c2a465914ab3bd5411e39c89ae55a2.exe
"C:\Users\Admin\AppData\Local\Temp\a059d671d950abee93ef78a170d58a3839c2a465914ab3bd5411e39c89ae55a2.exe"
1⤵
PID:2756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2756-1-0x00000000002D0000-0x00000000003D0000-memory.dmp

Filesize
1024KB

Download
memory/2756-2-0x00000000001B0000-0x00000000001BB000-memory.dmp

Filesize
44KB

Download
memory/2756-3-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2756-5-0x00000000001B0000-0x00000000001BB000-memory.dmp

Filesize
44KB

Download
memory/2756-4-0x0000000000400000-0x000000000053A000-memory.dmp

Filesize
1.2MB

Download