smokeloader | 6fa94d6ee7a24a1dea25476fd585d371fb7fa39197aa8e48ef8cd933bb5ea08b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

6fa94d6ee7a24a1dea25476fd585d371fb7fa39197aa8e48ef8cd933bb5ea08b
Size

249KB
Sample

220913-smnmjsbfhj
MD5

931c666a7bb9190f5dec8bed370e63d4
SHA1

bf4a2198683d2472d7f71120435ff4ba2c344f6b
SHA256

6fa94d6ee7a24a1dea25476fd585d371fb7fa39197aa8e48ef8cd933bb5ea08b
SHA512

14d3347e87884efbd7abaed9230e915c9baa1945165c2a5a57b9559b3e00baed954d6aaf3428f84ddc4f6fbbc094241cd87f914eb9727dbf7ca87d1fae754be4
SSDEEP

6144:R9zWRANS5rKSxDtCz78sfDQGcWM2QDn8l:TqAGrKSxDtUNDQCM

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6fa94d6ee7a24a1dea25476fd585d371fb7fa39197aa8e48ef8cd933bb5ea08b.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6fa94d6ee7a24a1dea25476fd585d371fb7fa39197aa8e48ef8cd933bb5ea08b
- Size
  
  249KB
- MD5
  
  931c666a7bb9190f5dec8bed370e63d4
- SHA1
  
  bf4a2198683d2472d7f71120435ff4ba2c344f6b
- SHA256
  
  6fa94d6ee7a24a1dea25476fd585d371fb7fa39197aa8e48ef8cd933bb5ea08b
- SHA512
  
  14d3347e87884efbd7abaed9230e915c9baa1945165c2a5a57b9559b3e00baed954d6aaf3428f84ddc4f6fbbc094241cd87f914eb9727dbf7ca87d1fae754be4
- SSDEEP
  
  6144:R9zWRANS5rKSxDtCz78sfDQGcWM2QDn8l:TqAGrKSxDtUNDQCM
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy