smokeloader | d65049f8f4318152b60eeb96ecedb8f2fb8b0b2a30eed4d0e53c85dfb5aa55fc | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
30/03/2025, 00:39

Sharing

Report Analysis Logs

General

Target

2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader.exe
Size

428KB
MD5

301c1911097e970171c6b70ddbbb5936
SHA1

a4257eb568c751b587bdcd44adb90814dcee6bc0
SHA256

d65049f8f4318152b60eeb96ecedb8f2fb8b0b2a30eed4d0e53c85dfb5aa55fc
SHA512

831153bc578309106b4b9106a1e971309ff857b8d0f187b1cfc81ef5da2ffd2eda4b0bf324db596fbd9105aefab60b2e05189108a479e828c3cb409e49633b26
SSDEEP

6144:zueLxGurWsVg44ZojxemC36lI19pFHYjhSifvGYcz1T:zueVGu6sehZ2y6lI5F0tnSh

Score

10^/10

smokeloader pub4 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub4

Signatures

SmokeLoader
Modular backdoor trojan in use since 2014.
trojan backdoor smokeloader
Smokeloader family
smokeloader

C:\Users\Admin\AppData\Local\Temp\2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader.exe
"C:\Users\Admin\AppData\Local\Temp\2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader.exe"
1⤵
PID:2756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2756-0-0x0000000000220000-0x000000000024B000-memory.dmp

Filesize
172KB

Download
memory/2756-1-0x0000000000250000-0x000000000025B000-memory.dmp

Filesize
44KB

Download
memory/2756-3-0x0000000000400000-0x0000000000473000-memory.dmp

Filesize
460KB

Download
memory/2756-2-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2756-6-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2756-5-0x0000000000220000-0x000000000024B000-memory.dmp

Filesize
172KB

Download
memory/2756-4-0x0000000000250000-0x000000000025B000-memory.dmp

Filesize
44KB

Download