smokeloader | 75d8077636ee1ec7b44f33cfdc65dc4a5b96d4c0b9ac3df0879b97e2bae1f9dd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

75d8077636ee1ec7b44f33cfdc65dc4a5b96d4c0b9ac3df0879b97e2bae1f9dd
Size

334KB
Sample

230103-hhq7rsae22
MD5

b685d559877ee796e03ae2fa2950dc24
SHA1

fd6b44e61ba98583026006ec8ee7d9b188671011
SHA256

75d8077636ee1ec7b44f33cfdc65dc4a5b96d4c0b9ac3df0879b97e2bae1f9dd
SHA512

d56aee90e4e7cfc1246341f0c20ec09377e7e204dbf657a0a2e93c27194170294d9e041dcff81d7d70dbe06ddcf5b76871486bb3a4f8b8df132b58958f4881ec
SSDEEP

6144:HLdL5g4XgHLf0MWD0admOjAWTM4xVvkHb+ewx:rdlg4ef0MW1LXTMENi+r

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

75d8077636ee1ec7b44f33cfdc65dc4a5b96d4c0b9ac3df0879b97e2bae1f9dd.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  75d8077636ee1ec7b44f33cfdc65dc4a5b96d4c0b9ac3df0879b97e2bae1f9dd
- Size
  
  334KB
- MD5
  
  b685d559877ee796e03ae2fa2950dc24
- SHA1
  
  fd6b44e61ba98583026006ec8ee7d9b188671011
- SHA256
  
  75d8077636ee1ec7b44f33cfdc65dc4a5b96d4c0b9ac3df0879b97e2bae1f9dd
- SHA512
  
  d56aee90e4e7cfc1246341f0c20ec09377e7e204dbf657a0a2e93c27194170294d9e041dcff81d7d70dbe06ddcf5b76871486bb3a4f8b8df132b58958f4881ec
- SSDEEP
  
  6144:HLdL5g4XgHLf0MWD0admOjAWTM4xVvkHb+ewx:rdlg4ef0MW1LXTMENi+r
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy