smokeloader | 8f97430ba7f51cbcfa247de62465470aee40c9e227b524e8dd04c9b2c8418e70 | Triage

Submit
Reports

Overview

overview

Static

static

eb78b3349e...8c.exe

windows7-x64

eb78b3349e...8c.exe

windows10-2004-x64

Sharing

General

Target

eb78b3349eef1e12640e703c83094e688af83cf41af8f6a71056f32e3b48658c
Size

105KB
Sample

221129-vs94vacd8x
MD5

f506af1a0fb22999e8ed7de8e6b12740
SHA1

05b72eebc56c8cacc9ec77a8bdbd716699bc6e29
SHA256

8f97430ba7f51cbcfa247de62465470aee40c9e227b524e8dd04c9b2c8418e70
SHA512

ba61eb793eb93f17a666d86af0813d31c5b468f84f0ae587b77746a59dfc3f0a36d9a36986d708529385e44ac0989a6e469c42ecf2fe49ad9464642f86f9d115
SSDEEP

3072:DER+ON1FR8nVTDhGOGco0lNSchL5fPkOoABF:DIjOTNGco0DSicAr

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

eb78b3349eef1e12640e703c83094e688af83cf41af8f6a71056f32e3b48658c.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

eb78b3349eef1e12640e703c83094e688af83cf41af8f6a71056f32e3b48658c.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  eb78b3349eef1e12640e703c83094e688af83cf41af8f6a71056f32e3b48658c
- Size
  
  145KB
- MD5
  
  0ff5c2b7a0e68ba0729716beea4d5825
- SHA1
  
  5198a445e5719e4b2b4a04a9e6d6c51ff87e3178
- SHA256
  
  eb78b3349eef1e12640e703c83094e688af83cf41af8f6a71056f32e3b48658c
- SHA512
  
  079cf3a40ac927b852cb818168f35a6a025ac302a364c03c7a574921c6242791bc57a125c9c49648e38b859b8323f47678dba1f24915ed942abe73cfbd305db5
- SSDEEP
  
  3072:kPY+hfIw2N5NvqhCZ2e0k2AQAU/Evgk2+R:q3ewGka2e0k2BAK0V
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy