smokeloader | 0c0423483302f7f135d822e1262b6a187c735e65fb2372b7d49cd4d8f5b6356b | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

288KB
Sample

221230-18g1wsbh9y
MD5

832d206dead5aa4cdf20e6efd3048c25
SHA1

a0d17fd5b88be42edccaace0fb641a092afdb067
SHA256

0c0423483302f7f135d822e1262b6a187c735e65fb2372b7d49cd4d8f5b6356b
SHA512

af618c979c410b92e409a575bf82c1675a1be07649298e7ce5c0fcc02f90d82f838b96b4660d26bccc4e4d52c328178f2f0b779e956b5efc3d53b022ce326470
SSDEEP

3072:HYdKY9HuLTC1eqoRfALE4FVwSZEiJNLQnyPT+8U9SkEqwi:LqOLoeqqV4FVw/++nyPS8UIkEq

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  288KB
- MD5
  
  832d206dead5aa4cdf20e6efd3048c25
- SHA1
  
  a0d17fd5b88be42edccaace0fb641a092afdb067
- SHA256
  
  0c0423483302f7f135d822e1262b6a187c735e65fb2372b7d49cd4d8f5b6356b
- SHA512
  
  af618c979c410b92e409a575bf82c1675a1be07649298e7ce5c0fcc02f90d82f838b96b4660d26bccc4e4d52c328178f2f0b779e956b5efc3d53b022ce326470
- SSDEEP
  
  3072:HYdKY9HuLTC1eqoRfALE4FVwSZEiJNLQnyPT+8U9SkEqwi:LqOLoeqqV4FVw/++nyPS8UIkEq
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy