smokeloader | faf76da64be876db40c97b13f144fe93b616a3d503cc15d5e8472468b27984a7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

faf76da64be876db40c97b13f144fe93b616a3d503cc15d5e8472468b27984a7
Size

286KB
Sample

221106-y7v51schbk
MD5

33d20718bb9d25f101c0a8302ad37c3f
SHA1

f0dd9cce7dbf081aa61a1e72c97d9a4b0690d2f2
SHA256

faf76da64be876db40c97b13f144fe93b616a3d503cc15d5e8472468b27984a7
SHA512

e998539178c0513af23410b6d0771f6ffbe4b29ddd9986b13965dcc3907f7dff67f55dcfd2ea60917df152c62cad7490e7d5220fd5b22f42cf6075dc693cd629
SSDEEP

3072:jDXpn+tpO6h57KDTA+RVhgvQpPXrY+AAnj:PpnG/yfCQe+z

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

faf76da64be876db40c97b13f144fe93b616a3d503cc15d5e8472468b27984a7.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  faf76da64be876db40c97b13f144fe93b616a3d503cc15d5e8472468b27984a7
- Size
  
  286KB
- MD5
  
  33d20718bb9d25f101c0a8302ad37c3f
- SHA1
  
  f0dd9cce7dbf081aa61a1e72c97d9a4b0690d2f2
- SHA256
  
  faf76da64be876db40c97b13f144fe93b616a3d503cc15d5e8472468b27984a7
- SHA512
  
  e998539178c0513af23410b6d0771f6ffbe4b29ddd9986b13965dcc3907f7dff67f55dcfd2ea60917df152c62cad7490e7d5220fd5b22f42cf6075dc693cd629
- SSDEEP
  
  3072:jDXpn+tpO6h57KDTA+RVhgvQpPXrY+AAnj:PpnG/yfCQe+z
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy