smokeloader | 5d6f9643c46654b623b5a6b17bc9a4fa8033e7e6f20e8e539c595c6cc97c794a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

5d6f9643c46654b623b5a6b17bc9a4fa8033e7e6f20e8e539c595c6cc97c794a
Size

282KB
Sample

230113-hnnzlafa52
MD5

d22826ce95df9e8f60a95f349500afc9
SHA1

4f06c5415f7bfacdd199ea4ec225dc59a782b0b4
SHA256

5d6f9643c46654b623b5a6b17bc9a4fa8033e7e6f20e8e539c595c6cc97c794a
SHA512

3fa87f7c06a21ec1a46e77b15c74369692f396653bdfa52a7c1859617602d978c47873dc2a34303f6f83ed88c8213c2dccb7bb7bf503be11cb9a456f46f3b83b
SSDEEP

6144:NTKRLE+TDOKietwUV6F6XcV3vuZzxEmXCgyG:NTKR4+TDOKFwUV6F6kmZznS

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

5d6f9643c46654b623b5a6b17bc9a4fa8033e7e6f20e8e539c595c6cc97c794a.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  5d6f9643c46654b623b5a6b17bc9a4fa8033e7e6f20e8e539c595c6cc97c794a
- Size
  
  282KB
- MD5
  
  d22826ce95df9e8f60a95f349500afc9
- SHA1
  
  4f06c5415f7bfacdd199ea4ec225dc59a782b0b4
- SHA256
  
  5d6f9643c46654b623b5a6b17bc9a4fa8033e7e6f20e8e539c595c6cc97c794a
- SHA512
  
  3fa87f7c06a21ec1a46e77b15c74369692f396653bdfa52a7c1859617602d978c47873dc2a34303f6f83ed88c8213c2dccb7bb7bf503be11cb9a456f46f3b83b
- SSDEEP
  
  6144:NTKRLE+TDOKietwUV6F6XcV3vuZzxEmXCgyG:NTKR4+TDOKFwUV6F6kmZznS
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy