smokeloader | 048982f1e1ea160aeef7944db6fb37bcc630f229d1e47553655d946f0749083f | Triage

Submit
Reports

Overview

overview

Static

static

b2840b48af...c3.exe

windows7-x64

b2840b48af...c3.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

b2840b48afe6d10fd0922a6287be408d630f68d3853d7ceb97ffea01511d9fc3
Size

151KB
Sample

230101-xa5shscd94
MD5

367a49380ef3ed69d24df9702cffa415
SHA1

29497f7c882e3da5465786d10d6de7e56355d6c6
SHA256

048982f1e1ea160aeef7944db6fb37bcc630f229d1e47553655d946f0749083f
SHA512

92077c029a2688443650cc62d33db7582964d219849d13a113b5cd3f339b36c12be6b5d8ffefc11b8a074340808433a00e8369bb672871abb83dad452b97d300
SSDEEP

3072:5G0646n6arUDU17tUcT/R3nrswKgi6O0D1jTtN6bN8wnk2ZKrd:N64GrUDehdXr/HO+jpSN8wnN4x

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

b2840b48afe6d10fd0922a6287be408d630f68d3853d7ceb97ffea01511d9fc3.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2840b48afe6d10fd0922a6287be408d630f68d3853d7ceb97ffea01511d9fc3.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b2840b48afe6d10fd0922a6287be408d630f68d3853d7ceb97ffea01511d9fc3
- Size
  
  241KB
- MD5
  
  edab7196fd74b6f7d832c5ab50cd83e6
- SHA1
  
  48a1cb92676bd9748d2cf6d699212d51fb2bf7ea
- SHA256
  
  b2840b48afe6d10fd0922a6287be408d630f68d3853d7ceb97ffea01511d9fc3
- SHA512
  
  ac178a1ef320fae801afcfce2e937caadd13405095724691e3c324781f76982a04a877beae9989ce9331d2a56eede246d511131a19e7d3b9109a7e24ef779d9b
- SSDEEP
  
  3072:S8X5CBtiqFLtSITR9d/U/56mFalcchbp1tk7wKgi6O0D1jTtSWkiOUjg6OM2nvQu:fRqFL9d8wc0bBJHO+jpONrV4b7i
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy