smokeloader | b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319
Size

456KB
Sample

221128-dap8aadg4t
MD5

55b8bd9e2420f79afb0b3e1dd8a33076
SHA1

94ab22b20ae4035cc3d57744883e8c31eef4188a
SHA256

b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319
SHA512

5a126991b073432d53504dd97c7404bac0bdb784662133b1aae44d52a255b0923c60cbd96505d16de8dab140470b5519a975d8b753f0ea24f9271071ad0925d9
SSDEEP

12288:nykzrbETClqHskFgFwIyXCDf6yTy6rLhnfOWEeIc4Yh:h76CsskFgqIyXNMLhZtMY

Score

10^/10

smokeloader backdoor collection trojan

Static task

static1

Behavioral task

behavioral1

Sample

b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319.exe

Resource

win10-20220901-en

smokeloader backdoor collection trojan

windows10-1703-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319
- Size
  
  456KB
- MD5
  
  55b8bd9e2420f79afb0b3e1dd8a33076
- SHA1
  
  94ab22b20ae4035cc3d57744883e8c31eef4188a
- SHA256
  
  b858414f82da91b44da1734432929660a2b866f5a424d88d4f60b6c0ffba9319
- SHA512
  
  5a126991b073432d53504dd97c7404bac0bdb784662133b1aae44d52a255b0923c60cbd96505d16de8dab140470b5519a975d8b753f0ea24f9271071ad0925d9
- SSDEEP
  
  12288:nykzrbETClqHskFgFwIyXCDf6yTy6rLhnfOWEeIc4Yh:h76CsskFgqIyXNMLhZtMY
Score

10^/10

smokeloader backdoor collection trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoorcollectiontrojan

© 2018-2025

Terms | Privacy