Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4f45c248f85309015b06c13c239f67c795fdadaaccf7869a4a088d6912c85c83
-
Size
359KB
-
Sample
230322-tqa2ashh67
-
MD5
1317d94f8128c203c467c24e78c9cae0
-
SHA1
ccf709990df418998579eb3a50092416e0f1b80c
-
SHA256
4f45c248f85309015b06c13c239f67c795fdadaaccf7869a4a088d6912c85c83
-
SHA512
94b86441a937e4ed0646f4bc0a8e5bc22719676fb853c76e0d8fea9acf59a1bbefd95b9bcec05b30a4e592c75d276b8c7a47a24da18990e276ae076decfc54db
-
SSDEEP
3072:OgrEaPOFiOAJtLnDYybyW7tfh+fukwIUOhFjIOwjwIuJJ:EW2yeGhifCn
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
4f45c248f85309015b06c13c239f67c795fdadaaccf7869a4a088d6912c85c83
-
Size
359KB
-
MD5
1317d94f8128c203c467c24e78c9cae0
-
SHA1
ccf709990df418998579eb3a50092416e0f1b80c
-
SHA256
4f45c248f85309015b06c13c239f67c795fdadaaccf7869a4a088d6912c85c83
-
SHA512
94b86441a937e4ed0646f4bc0a8e5bc22719676fb853c76e0d8fea9acf59a1bbefd95b9bcec05b30a4e592c75d276b8c7a47a24da18990e276ae076decfc54db
-
SSDEEP
3072:OgrEaPOFiOAJtLnDYybyW7tfh+fukwIUOhFjIOwjwIuJJ:EW2yeGhifCn
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Deletes itself
-
Suspicious use of SetThreadContext
-