smokeloader | 06c06e23edf472a8074fa5ecd81b1558e2b16758f5133eeb8b8dd5ce8909615d | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file
Size

229KB
Sample

221221-nsk2dscb99
MD5

6a634b47a8431f71105bc150cd2e6241
SHA1

09a325f3e9ecea2ee458d6155f051ae08f7becd3
SHA256

06c06e23edf472a8074fa5ecd81b1558e2b16758f5133eeb8b8dd5ce8909615d
SHA512

98262a99ae2dc96df8ad24a9ec573153b6d3929465ecfac938df0c187cd569c77e88b5b0fa2e688fcdbff4230d8ff3d5e0240fcddfb9ae6dcbb9f4f0627cfd74
SSDEEP

3072:GoZY3ALdy0Pm51act+jHXjBRG2+G+LW4P84nnlAnuW1jRUcNQK1+eJV5u48:GhwLd/i+bTBRmW85nWHeeRu4

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  file
- Size
  
  229KB
- MD5
  
  6a634b47a8431f71105bc150cd2e6241
- SHA1
  
  09a325f3e9ecea2ee458d6155f051ae08f7becd3
- SHA256
  
  06c06e23edf472a8074fa5ecd81b1558e2b16758f5133eeb8b8dd5ce8909615d
- SHA512
  
  98262a99ae2dc96df8ad24a9ec573153b6d3929465ecfac938df0c187cd569c77e88b5b0fa2e688fcdbff4230d8ff3d5e0240fcddfb9ae6dcbb9f4f0627cfd74
- SSDEEP
  
  3072:GoZY3ALdy0Pm51act+jHXjBRG2+G+LW4P84nnlAnuW1jRUcNQK1+eJV5u48:GhwLd/i+bTBRmW85nWHeeRu4
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy