smokeloader | 97ed742f210e24632f8ad14431fe7639d4e47ad2075550080e3f6cefd6dacc0f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

97ed742f210e24632f8ad14431fe7639d4e47ad2075550080e3f6cefd6dacc0f
Size

226KB
Sample

221224-azf45ahd44
MD5

ebe0519bee1beee646ad5773e940d1ac
SHA1

d80f8765fecc726a20dc8dc66c1f601b7a351290
SHA256

97ed742f210e24632f8ad14431fe7639d4e47ad2075550080e3f6cefd6dacc0f
SHA512

aafb9b79811668c7aab4023d1135ad5e848ebffd111f4f95f36bba3c121272267bac589736867155056216c9398bb53598be4025b91b978d2d467626d1356c33
SSDEEP

3072:DOJqfL4y5u5gdptwZLqsjcyQZTtGcNJX0NRPH8oSeaqxY3Ox6qQo3:xL48HdpItQHBp0P8otaqxHk5o

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

97ed742f210e24632f8ad14431fe7639d4e47ad2075550080e3f6cefd6dacc0f.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  97ed742f210e24632f8ad14431fe7639d4e47ad2075550080e3f6cefd6dacc0f
- Size
  
  226KB
- MD5
  
  ebe0519bee1beee646ad5773e940d1ac
- SHA1
  
  d80f8765fecc726a20dc8dc66c1f601b7a351290
- SHA256
  
  97ed742f210e24632f8ad14431fe7639d4e47ad2075550080e3f6cefd6dacc0f
- SHA512
  
  aafb9b79811668c7aab4023d1135ad5e848ebffd111f4f95f36bba3c121272267bac589736867155056216c9398bb53598be4025b91b978d2d467626d1356c33
- SSDEEP
  
  3072:DOJqfL4y5u5gdptwZLqsjcyQZTtGcNJX0NRPH8oSeaqxY3Ox6qQo3:xL48HdpItQHBp0P8otaqxHk5o
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy