smokeloader | 6e073af595df46e635231ce8d62194e1b6c53a90eaa08a4051e9eb53022f82bd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

6e073af595df46e635231ce8d62194e1b6c53a90eaa08a4051e9eb53022f82bd
Size

295KB
Sample

220928-t9lbdahfhn
MD5

fd3863dfd5b35b2c208409044f6614c1
SHA1

be885f0ee463608deeba2ffed2e82fb13313706c
SHA256

6e073af595df46e635231ce8d62194e1b6c53a90eaa08a4051e9eb53022f82bd
SHA512

385925ab2ee0350c92523fe2037c9d897d78bc132eca52e936cb20791961722365ac4390d53495b1fe1136e481c64e390684a7fa2e638a57c31dc3af77d10006
SSDEEP

6144:bwGWa1hltWmb7lJuBACMd0q1igavwVfI:bdltWmb2AYqYR

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6e073af595df46e635231ce8d62194e1b6c53a90eaa08a4051e9eb53022f82bd.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6e073af595df46e635231ce8d62194e1b6c53a90eaa08a4051e9eb53022f82bd
- Size
  
  295KB
- MD5
  
  fd3863dfd5b35b2c208409044f6614c1
- SHA1
  
  be885f0ee463608deeba2ffed2e82fb13313706c
- SHA256
  
  6e073af595df46e635231ce8d62194e1b6c53a90eaa08a4051e9eb53022f82bd
- SHA512
  
  385925ab2ee0350c92523fe2037c9d897d78bc132eca52e936cb20791961722365ac4390d53495b1fe1136e481c64e390684a7fa2e638a57c31dc3af77d10006
- SSDEEP
  
  6144:bwGWa1hltWmb7lJuBACMd0q1igavwVfI:bdltWmb2AYqYR
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy