smokeloader | 1d7437d860a392e93ea83ebe6b11a9a127d95c70699c576900a828ab869676be | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

1d7437d860a392e93ea83ebe6b11a9a127d95c70699c576900a828ab869676be
Size

179KB
Sample

230305-ja8mhsga38
MD5

8e34b1f2f8dde77647df4a288d2d0892
SHA1

3a999eee6560c3e734b6e15b955830b3a3d1ed39
SHA256

1d7437d860a392e93ea83ebe6b11a9a127d95c70699c576900a828ab869676be
SHA512

b960d0b497d8942b1ed7c52709b5fd1b173875a4ffc375399c8c01e3d0180e766a5f276980560ac340d89b03e4547880401cba4271fbb7ea01aaa0bdbeb2e099
SSDEEP

3072:oF8J9qXc9beLdp2CE1XbqZt7LdeibCTK94phdwnRztlXB9R:f4XMbeLlEhbELLb264phdwnR5lX

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

1d7437d860a392e93ea83ebe6b11a9a127d95c70699c576900a828ab869676be.exe

Resource

win10v2004-20230220-en

smokeloader backdoor trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://host-file-host6.com/

http://host-host-file8.com/

rc4.i32

rc4.i32

Targets

- Target
  
  1d7437d860a392e93ea83ebe6b11a9a127d95c70699c576900a828ab869676be
- Size
  
  179KB
- MD5
  
  8e34b1f2f8dde77647df4a288d2d0892
- SHA1
  
  3a999eee6560c3e734b6e15b955830b3a3d1ed39
- SHA256
  
  1d7437d860a392e93ea83ebe6b11a9a127d95c70699c576900a828ab869676be
- SHA512
  
  b960d0b497d8942b1ed7c52709b5fd1b173875a4ffc375399c8c01e3d0180e766a5f276980560ac340d89b03e4547880401cba4271fbb7ea01aaa0bdbeb2e099
- SSDEEP
  
  3072:oF8J9qXc9beLdp2CE1XbqZt7LdeibCTK94phdwnRztlXB9R:f4XMbeLlEhbELLb264phdwnR5lX
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy