smokeloader | c8c2f203b7ea5c76565d6a8f0bb741139f1fcb0cba9ceb931b8ae4fbbc20f1ad | Triage

Submit
Reports

Overview

overview

Static

static

ef5d150e7e...51.exe

windows7-x64

ef5d150e7e...51.exe

windows10-2004-x64

Sharing

General

Target

ef5d150e7ed7e32d56f29ad614722f975c24943e9b03c3002777d4b09fc61d51
Size

145KB
Sample

221025-cnfekabcd3
MD5

8c281d2dfdb676089f3e5a5efad84877
SHA1

18a1a47c9bcec14d8fea444c68fea8c211324bc0
SHA256

c8c2f203b7ea5c76565d6a8f0bb741139f1fcb0cba9ceb931b8ae4fbbc20f1ad
SHA512

cffe8e235d71d84395001e6fef685d4bba3cf8dbc3d69dfcf6dddf774e6d2b610d6cf66c32308adc91497703c28b3def162fb37b4e0a6ae7636c7693e7af3ffa
SSDEEP

3072:xokjgylmSHsvUGCxfQt49AGMVu9fInKQYOg53n3Nva53ShP3GDZox:xok8yEOIUGCxfGGMVu9f0ITdRaJSZGDO

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

ef5d150e7ed7e32d56f29ad614722f975c24943e9b03c3002777d4b09fc61d51.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef5d150e7ed7e32d56f29ad614722f975c24943e9b03c3002777d4b09fc61d51.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ef5d150e7ed7e32d56f29ad614722f975c24943e9b03c3002777d4b09fc61d51
- Size
  
  220KB
- MD5
  
  4dced3a6261b7227a48c79799ee12bfd
- SHA1
  
  b4bd037c6b4e1c2e85d9a89fac1f40d48c72711f
- SHA256
  
  ef5d150e7ed7e32d56f29ad614722f975c24943e9b03c3002777d4b09fc61d51
- SHA512
  
  21c0f9fbe8d6d17cf12f9b20f1e093db0936770b5e0c01e47fba2f86b9cdd5de531a83bcd52667f04b103f75d409020c0beaac6e8615923f6b11ed245c6bb850
- SSDEEP
  
  3072:ZBnO5d84THy2ULgJWwp6n50KWZ1IUhyR31kP+05fA4ujELWJe:ZBOIXLYpAWvIX31kPxA5uW
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy