Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

52e818ad80...db.exe

windows7-x64

10

52e818ad80...db.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b2e101c004ffa2da9032b9e41bd3803.bin

  • Size

    130KB

  • Sample

    230217-bkzhlada78

  • MD5

    06b2dc67655a7eb5553e781de261bf14

  • SHA1

    1256cc059df483952d6bc4971f29586705a6653f

  • SHA256

    d34d39b5696942111f20b5f44c782c978433dc7285cc4ae4aa49e2cab9a7676f

  • SHA512

    7313de8c42f131927423d5fa274d74fab305e80e73cfa913896f4aedc5f4f6d397b1b0d6d6fd1d4cefcd86509f0920335ec6f1a5443443fc34a840d626d4f962

  • SSDEEP

    3072:E/U3Y8eGPD3EtaHIwkXIYOL0b4Z7o3qIeHryxdtm2Y4:3YHkD3DILOL0M7xihY4

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      52e818ad807f4a682e1f1fe9b09e9cd77d88934b00279b2d899de598be290adb.exe

    • Size

      189KB

    • MD5

      4b2e101c004ffa2da9032b9e41bd3803

    • SHA1

      3aa99d3ad9377101f1cb7705d9b6f95f0c4c315f

    • SHA256

      52e818ad807f4a682e1f1fe9b09e9cd77d88934b00279b2d899de598be290adb

    • SHA512

      da65b885ddc75bd22bf4b96ad64c086e34cb1129ea8192426be8fdc0f4218b70e765541498519c47fd057ba89f2bb4b2d0a95788a1ce0e354afcc81de45b002b

    • SSDEEP

      3072:mHu7nUnEHnqNT+Abg9/PLt3eew1n6iSjxkBlwyD1NuXGdmBbW:0OnUEHqNT+00PLxeeMn6nxkvwMNMGdm

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks