smokeloader | 0f92b27823ea34c606c0fcfd3ff187f2dcddf48eb374864d396f5fd9928e9824 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

0f92b27823ea34c606c0fcfd3ff187f2dcddf48eb374864d396f5fd9928e9824
Size

320KB
Sample

221206-k44fbsga2s
MD5

3169421c73b9099cacfd5c5b75df237b
SHA1

bf788fe4de2df592b2507e0fc3a065e309f50b5c
SHA256

0f92b27823ea34c606c0fcfd3ff187f2dcddf48eb374864d396f5fd9928e9824
SHA512

5a3b940d51336969eda4ac28926c6d24b6864ae4ebbea370a4fcc0db5c03966c261ebee61da5215ee0ad7382bb7bcdcee83b17c3eba0d7417be1485c7ecc48ad
SSDEEP

3072:iU8XI4dVNBy+HGq9L2R7T8xB5ak4SFjOeeygDVmn6tb64mbB2z0TNsPp2KidhJd5:EbNBy+/L21T8xetx7InvbBRTpF

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

0f92b27823ea34c606c0fcfd3ff187f2dcddf48eb374864d396f5fd9928e9824.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  0f92b27823ea34c606c0fcfd3ff187f2dcddf48eb374864d396f5fd9928e9824
- Size
  
  320KB
- MD5
  
  3169421c73b9099cacfd5c5b75df237b
- SHA1
  
  bf788fe4de2df592b2507e0fc3a065e309f50b5c
- SHA256
  
  0f92b27823ea34c606c0fcfd3ff187f2dcddf48eb374864d396f5fd9928e9824
- SHA512
  
  5a3b940d51336969eda4ac28926c6d24b6864ae4ebbea370a4fcc0db5c03966c261ebee61da5215ee0ad7382bb7bcdcee83b17c3eba0d7417be1485c7ecc48ad
- SSDEEP
  
  3072:iU8XI4dVNBy+HGq9L2R7T8xB5ak4SFjOeeygDVmn6tb64mbB2z0TNsPp2KidhJd5:EbNBy+/L21T8xetx7InvbBRTpF
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy