smokeloader | 333107cdab482e89e79716b2bc27a5d7ae80df6431fb7943946e65e55af01768 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

eff24cdc2e...d7.exe

windows7-x64

eff24cdc2e...d7.exe

windows10-2004-x64

Sharing

General

Target

eff24cdc2e1b28076e835e601d4227a87b632089ecadba8ceb3ac4f76abfb9d7
Size

125KB
Sample

220907-n6p79scac5
MD5

7aefe6bad21542f2f7b8ed2e0b6c87bd
SHA1

35fb50fd3c4b423195f122d910d900988f5dcab6
SHA256

333107cdab482e89e79716b2bc27a5d7ae80df6431fb7943946e65e55af01768
SHA512

2b504495ed0bef0147955af60e068c1fd202863c502a3acd19c9345be3bef1aa19528733beefec4d1e3c59bc74b7e46cda517d69b3b387eb4557546c82eea7ec
SSDEEP

3072:rgOtTwTwCtBV4OyBdMc0FQ92/Qya4mnTkLrn:rrt8M8HyBdMK2naVnTC

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

eff24cdc2e1b28076e835e601d4227a87b632089ecadba8ceb3ac4f76abfb9d7.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

eff24cdc2e1b28076e835e601d4227a87b632089ecadba8ceb3ac4f76abfb9d7.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  eff24cdc2e1b28076e835e601d4227a87b632089ecadba8ceb3ac4f76abfb9d7
- Size
  
  200KB
- MD5
  
  837e465b2a38b1674d5ad0bfd680e735
- SHA1
  
  5be14ddfbc3c0bd5e403707b3fb94c44c4e32251
- SHA256
  
  eff24cdc2e1b28076e835e601d4227a87b632089ecadba8ceb3ac4f76abfb9d7
- SHA512
  
  09079c54b5cecaee973a0aabe95df17125c00e2961d1e3786edcf8048ecbc971047c2337dff0d9b325fd2ae5285fc4d1d09c337e5d8c73bf74dfa663960cfcb8
- SSDEEP
  
  3072:I04PnPjPSdp08GWir2NDKCfS5Z6ncT69sYrABn9:qPCpxl86nc+yYrKn
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy