smokeloader | 932ba1468220264f7f2991e8ca915a6ba3c2bc9a37b747a16c50d983fe89c5d2 | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

223KB
Sample

221225-fqvttaec6s
MD5

48c2031b82e27f60b5c07b84ab3ccfe5
SHA1

d7ac785078d95d63b221e508bdc22e41dfb709cd
SHA256

932ba1468220264f7f2991e8ca915a6ba3c2bc9a37b747a16c50d983fe89c5d2
SHA512

3058f2bb1f77bae27717b581ec5e81e474f0ef21ac6980ac4c8061a69883f1aa9c09e7a52bb8dbeb066ad666fb381fd2864e00e9a6f331bbf95e3907bf0c57df
SSDEEP

3072:ZDn7pjqKLTU5sSc3/pHfO3fdomGiHs02GauDrkf/ln:LjqKLTtScPp/YfdomGzGaMq

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  223KB
- MD5
  
  48c2031b82e27f60b5c07b84ab3ccfe5
- SHA1
  
  d7ac785078d95d63b221e508bdc22e41dfb709cd
- SHA256
  
  932ba1468220264f7f2991e8ca915a6ba3c2bc9a37b747a16c50d983fe89c5d2
- SHA512
  
  3058f2bb1f77bae27717b581ec5e81e474f0ef21ac6980ac4c8061a69883f1aa9c09e7a52bb8dbeb066ad666fb381fd2864e00e9a6f331bbf95e3907bf0c57df
- SSDEEP
  
  3072:ZDn7pjqKLTU5sSc3/pHfO3fdomGiHs02GauDrkf/ln:LjqKLTtScPp/YfdomGzGaMq
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy