smokeloader | 3376c1fa588b46cf076834a5b6e82d7a1345a4efbeea044dad2f6ae3a1c9b523 | Triage

Submit
Reports

Overview

overview

Static

static

048005548f...f2.exe

windows7-x64

048005548f...f2.exe

windows10-2004-x64

Sharing

General

Target

048005548f4ff156c8a9cee922435c214e24b7a772106c8e840e36edf7776bf2
Size

139KB
Sample

221226-v52y1agd9t
MD5

805fc096c8f33490afb2f31e4ea64862
SHA1

2315a9b4cdb6c278ef9dc3b9b0e232a5e27a7161
SHA256

3376c1fa588b46cf076834a5b6e82d7a1345a4efbeea044dad2f6ae3a1c9b523
SHA512

ff8b38facda64d2838d271bc67ae2512c6a4776f1ba9e24b2dba6810d6a7ddc5109db0de07ee887b1f40e448c03893f0d1e2e7a9cd7481dd7a946a4814e977ae
SSDEEP

3072:to4qlZT6fbKrZioLl1LjupiMpHXe4Ny1DoLeHdLRlpw5zX6fOBIXri4sGD:67IKrLl1GEQNyl5vlW51iri4T

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

048005548f4ff156c8a9cee922435c214e24b7a772106c8e840e36edf7776bf2.exe

Resource

win7-20221111-en

smokeloader backdoor trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

048005548f4ff156c8a9cee922435c214e24b7a772106c8e840e36edf7776bf2.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  048005548f4ff156c8a9cee922435c214e24b7a772106c8e840e36edf7776bf2
- Size
  
  230KB
- MD5
  
  86a1badfd643c574eb49a7e16e541292
- SHA1
  
  d28c39dde6d6b4ce9bfc4c7f505bc8d02b781852
- SHA256
  
  048005548f4ff156c8a9cee922435c214e24b7a772106c8e840e36edf7776bf2
- SHA512
  
  b317a066342c9aaac02f26848ccc2812248491e7ce2ab3fdfc87e3be547ca2eb33f884f63960f10fd4f4780b52cc17766323784203210c30a0872a71cf00cff5
- SSDEEP
  
  3072:Uh0RMLL2p5PxGbqqwBuYAwVZPYsecXjLptl1A+V+Y700:uLKd57B7LRtTH4+Vl7l
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy