Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    320KB

  • Sample

    221101-f1vxkahcfj

  • MD5

    989f0118f0a47d477fc5df1177c66416

  • SHA1

    99883ffc1654929595aabb58bdc2835afeac61fa

  • SHA256

    53f419715676fad8ac085500d15be5f9b9998e37f147f70d7d342a0a9fad45cf

  • SHA512

    19b2bf20c0e61673197b8b97cda479ea2d5a227feab57a4308165a1c8ee15c22d09d47de9ebdae1eb5b30bdbce0ebd74e025bf0f660319516cb986aea3a6793d

  • SSDEEP

    3072:6uzrwjSqDxz5XwBdahPZz4wSzBA5RCyk1nfVm05pHjsKVggjcGkNIVqIE:1wjSqDA6hPZUBlAyD9A05pHN7ITsq

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file

    • Size

      320KB

    • MD5

      989f0118f0a47d477fc5df1177c66416

    • SHA1

      99883ffc1654929595aabb58bdc2835afeac61fa

    • SHA256

      53f419715676fad8ac085500d15be5f9b9998e37f147f70d7d342a0a9fad45cf

    • SHA512

      19b2bf20c0e61673197b8b97cda479ea2d5a227feab57a4308165a1c8ee15c22d09d47de9ebdae1eb5b30bdbce0ebd74e025bf0f660319516cb986aea3a6793d

    • SSDEEP

      3072:6uzrwjSqDxz5XwBdahPZz4wSzBA5RCyk1nfVm05pHjsKVggjcGkNIVqIE:1wjSqDA6hPZUBlAyD9A05pHN7ITsq

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks