smokeloader | 014b839a8f5ed309215faf2745b023e9a3543375e78c9f9b4b44bc1018258bd4 | Triage

Submit
Reports

Overview

overview

Static

static

e2eba43f27...7b.exe

windows7-x64

e2eba43f27...7b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

e2eba43f2743f9a8807e262ddbc60c153f4dbe14a7e208b1889acdf02697007b
Size

175KB
Sample

221207-alwyesbg3w
MD5

1fa2b1f98f7c3ca3a47789cb9f34d434
SHA1

18885659c1147873b3d50fe1a44d1b0cc3c7b70b
SHA256

014b839a8f5ed309215faf2745b023e9a3543375e78c9f9b4b44bc1018258bd4
SHA512

0be4566aef6f3f41a6b102ee3afc9b4a97ad353adc0b45f7df5b788b11a82ad3e52e9f10882b6e6c9973e10fcb60f8da15aa6488dfd9916cc8f1cf39b858dab9
SSDEEP

3072:B0Vfc/cdjO1k4CE3r/uIf6TFFZgA9TlR0BPJOMD8ZxNCUsorlxixjv5pG4JOCo/R:Bifc/cdjKkdE3r/pfdAtiO08ZxNLixj6

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

e2eba43f2743f9a8807e262ddbc60c153f4dbe14a7e208b1889acdf02697007b.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

e2eba43f2743f9a8807e262ddbc60c153f4dbe14a7e208b1889acdf02697007b.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  e2eba43f2743f9a8807e262ddbc60c153f4dbe14a7e208b1889acdf02697007b
- Size
  
  273KB
- MD5
  
  fd759188fed4ac96786da1eb8f525db5
- SHA1
  
  632c22553efb65056fc5f092ef6208581a594e10
- SHA256
  
  e2eba43f2743f9a8807e262ddbc60c153f4dbe14a7e208b1889acdf02697007b
- SHA512
  
  5fa480ff6cab88a0506e0bcd4aa4a660caac989a0f8fa6c4a54339927299ea0d64dac8674bd441d15087f5ca37c3ed40b84d609dcb387825f7698252e7dae58f
- SSDEEP
  
  6144:QH3e0knVU1fGYGmKtjAt1yAGSIDc5tQOAVS:QHudVU1f6asDc5SVS
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy