smokeloader | 9131714189fba5625c9da8580f6065f640c533c7cef0a7df00260763b0cda401 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

d0be185939...d0.exe

windows7-x64

d0be185939...d0.exe

windows10-2004-x64

Sharing

General

Target

d0be1859393eb44ce5274affcfde6bd0.exe
Size

342KB
Sample

221204-myzajaff81
MD5

d0be1859393eb44ce5274affcfde6bd0
SHA1

b0b15940c51b2e2cdfa54d48274695a609e98cb0
SHA256

9131714189fba5625c9da8580f6065f640c533c7cef0a7df00260763b0cda401
SHA512

22797911812d80b6d388b363ba9a32a2663b600b30eaf2b705de9f7bd32f6eec825f63ccd93911f716f167b0e37328b6f4982426bb19495a763eb8df43cc421e
SSDEEP

6144:6Yvgo+Iuia3Giv+NCZ3RFYPlymlglpIzG1PK:6ogo+fFDbYPlyWglpwG

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

d0be1859393eb44ce5274affcfde6bd0.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d0be1859393eb44ce5274affcfde6bd0.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  d0be1859393eb44ce5274affcfde6bd0.exe
- Size
  
  342KB
- MD5
  
  d0be1859393eb44ce5274affcfde6bd0
- SHA1
  
  b0b15940c51b2e2cdfa54d48274695a609e98cb0
- SHA256
  
  9131714189fba5625c9da8580f6065f640c533c7cef0a7df00260763b0cda401
- SHA512
  
  22797911812d80b6d388b363ba9a32a2663b600b30eaf2b705de9f7bd32f6eec825f63ccd93911f716f167b0e37328b6f4982426bb19495a763eb8df43cc421e
- SSDEEP
  
  6144:6Yvgo+Iuia3Giv+NCZ3RFYPlymlglpIzG1PK:6ogo+fFDbYPlyWglpwG
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy