Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8f4138f048c56d9f60a0753d1afabff5ce1ba8873eefea51361b7f16cbcd23df
-
Size
219KB
-
Sample
230930-1m1k4sha72
-
MD5
400267243cc5ef6248971103ccb9e917
-
SHA1
e8c0db79536e7d8fe656ecbf656d6a807879d843
-
SHA256
8f4138f048c56d9f60a0753d1afabff5ce1ba8873eefea51361b7f16cbcd23df
-
SHA512
f110cd862f2a6293731ad7b5025a30fe4baba092287ee85c65d08c8bedcda711bcce75da117f3a7abdbd812b6a62945796b70928b82d0aff95177df679fd3681
-
SSDEEP
3072:woiRZjNmm+ItXdcz4q7kn6YjfpIfQKkJ/955/dYTPig3:0NV+/MYu6YjfpIfQ//ddYTPi
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
8f4138f048c56d9f60a0753d1afabff5ce1ba8873eefea51361b7f16cbcd23df
-
Size
219KB
-
MD5
400267243cc5ef6248971103ccb9e917
-
SHA1
e8c0db79536e7d8fe656ecbf656d6a807879d843
-
SHA256
8f4138f048c56d9f60a0753d1afabff5ce1ba8873eefea51361b7f16cbcd23df
-
SHA512
f110cd862f2a6293731ad7b5025a30fe4baba092287ee85c65d08c8bedcda711bcce75da117f3a7abdbd812b6a62945796b70928b82d0aff95177df679fd3681
-
SSDEEP
3072:woiRZjNmm+ItXdcz4q7kn6YjfpIfQKkJ/955/dYTPig3:0NV+/MYu6YjfpIfQ//ddYTPi
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Suspicious use of SetThreadContext
-