smokeloader | f4e2570a95c03feea7ed14dede4904a942d20cad63e40210bf2cd9447e04665d | Triage

Submit
Reports

Overview

overview

Static

static

6d75500f9b...ae.exe

windows7-x64

6d75500f9b...ae.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

6d75500f9b4a5e12f8f1c8b917c2f6ae.exe
Size

214KB
Sample

221016-g8wz9shac5
MD5

6d75500f9b4a5e12f8f1c8b917c2f6ae
SHA1

be3fd463b2be3fcb6baf07f49736eaddc92c555b
SHA256

f4e2570a95c03feea7ed14dede4904a942d20cad63e40210bf2cd9447e04665d
SHA512

10a2ff5b28d4c572d94ed7b34bd48423af9c203551d2daa00fe0b179b1164987d1b6a9500c7df7cdc15288cb198da7261999787120f5a6af43cdf607cdeb198e
SSDEEP

3072:PXp50NAeLHFgxgpyZ85YA8WYu7FvaxkoROgwPNZvhg80K0DpwC:/oN5LHFQZFA8uvSIXbhg80Jp

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6d75500f9b4a5e12f8f1c8b917c2f6ae.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

6d75500f9b4a5e12f8f1c8b917c2f6ae.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  6d75500f9b4a5e12f8f1c8b917c2f6ae.exe
- Size
  
  214KB
- MD5
  
  6d75500f9b4a5e12f8f1c8b917c2f6ae
- SHA1
  
  be3fd463b2be3fcb6baf07f49736eaddc92c555b
- SHA256
  
  f4e2570a95c03feea7ed14dede4904a942d20cad63e40210bf2cd9447e04665d
- SHA512
  
  10a2ff5b28d4c572d94ed7b34bd48423af9c203551d2daa00fe0b179b1164987d1b6a9500c7df7cdc15288cb198da7261999787120f5a6af43cdf607cdeb198e
- SSDEEP
  
  3072:PXp50NAeLHFgxgpyZ85YA8WYu7FvaxkoROgwPNZvhg80K0DpwC:/oN5LHFQZFA8uvSIXbhg80Jp
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy