smokeloader | 84b2daba87aa0ae854a945845bbb3bb078a79bb16fe24813290440ef20cb8218 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

aa81a9c471...b7.exe

windows7-x64

aa81a9c471...b7.exe

windows10-2004-x64

Sharing

General

Target

aa81a9c47124af163f0da4e3b2f66bca1349d62b8a54fd89fb68a1110774c5b7
Size

133KB
Sample

221020-y5bnladafk
MD5

c8891231222ec074e74b7469ba0da77d
SHA1

26d99403a80056cede77b97adeb8ee99475c9cae
SHA256

84b2daba87aa0ae854a945845bbb3bb078a79bb16fe24813290440ef20cb8218
SHA512

85d95561b0e45b240ccb3860ebf188881d8df2cbce2b595e4ca1f17dd2d5e0078759000594ad296863025533218ad120317f65f387b74eae013368976ba992c1
SSDEEP

3072:UXHIzQOD16Oli9Y8WXwpeHRQxzbYZ/s19cRsW1NCN+38w8WuRl2Iq:AHwQI6F939yQh4uucNa8wNW2P

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

aa81a9c47124af163f0da4e3b2f66bca1349d62b8a54fd89fb68a1110774c5b7.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

aa81a9c47124af163f0da4e3b2f66bca1349d62b8a54fd89fb68a1110774c5b7.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  aa81a9c47124af163f0da4e3b2f66bca1349d62b8a54fd89fb68a1110774c5b7
- Size
  
  195KB
- MD5
  
  2433bf8c74963f24417b6fa98f27ba4d
- SHA1
  
  14a7a47a82dd76788dea483c79ee8df5ccaa8e29
- SHA256
  
  aa81a9c47124af163f0da4e3b2f66bca1349d62b8a54fd89fb68a1110774c5b7
- SHA512
  
  bb51c3aa15b1d2b971ee26ac0f5ba3e441497af6a57b09006b46a1077c5a351c2e29d1225694c86e02d161191db4d72d4c2b5c1de1dd2662ea3092f22528e4b5
- SSDEEP
  
  3072:6XNbdGLyviLv0v/5i46LyhcRsW1NO0Klybk+Fc5b3:aJdGLWiLv8Kcuo0XfF8
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy