smokeloader | b04a97266b50ce3674a2a10d888fb1debd0379bf035d368c3d71304e3b60cbba | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

f10c932d66...d3.exe

windows7-x64

f10c932d66...d3.exe

windows10-2004-x64

Sharing

General

Target

f10c932d6616498c831832ea297eb2d3.exe
Size

300KB
Sample

220917-g67c8adbfp
MD5

f10c932d6616498c831832ea297eb2d3
SHA1

fbf48f28e027081a59c8ff0633e36c7bf9249aac
SHA256

b04a97266b50ce3674a2a10d888fb1debd0379bf035d368c3d71304e3b60cbba
SHA512

90ea93e84f9d89d49a129c4ff2bc7a2a069e3c85d15e68771e2d57171815a0294a3d4428b39b01dddc86a9849f6fa4d585de94b160352daab967804451e3c1c1
SSDEEP

6144:AmM2LnjfMakXleZGv94d80gnigabwVfA:pR7jh6j94zgir

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

f10c932d6616498c831832ea297eb2d3.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

f10c932d6616498c831832ea297eb2d3.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  f10c932d6616498c831832ea297eb2d3.exe
- Size
  
  300KB
- MD5
  
  f10c932d6616498c831832ea297eb2d3
- SHA1
  
  fbf48f28e027081a59c8ff0633e36c7bf9249aac
- SHA256
  
  b04a97266b50ce3674a2a10d888fb1debd0379bf035d368c3d71304e3b60cbba
- SHA512
  
  90ea93e84f9d89d49a129c4ff2bc7a2a069e3c85d15e68771e2d57171815a0294a3d4428b39b01dddc86a9849f6fa4d585de94b160352daab967804451e3c1c1
- SSDEEP
  
  6144:AmM2LnjfMakXleZGv94d80gnigabwVfA:pR7jh6j94zgir
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy