MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8dac796ff8f25868f01a0cdfaecfcadfda4ee41f44b71b1fd2a30c414928b428. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Smoke Loader


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8dac796ff8f25868f01a0cdfaecfcadfda4ee41f44b71b1fd2a30c414928b428
SHA3-384 hash: 0e93a03899eecd2d7962e23370990d88071dad386266a832180ffcabe98d1b036d4955ea7128390558a6f9523ed50b01
SHA1 hash: 4d4599d139a885b65da0764db2a31631e6c9b95c
MD5 hash: 56491b8319d8d74f73f831b9923076d8
humanhash: august-fourteen-neptune-september
File name:7DaysToDiePD-1.4.0-win64.rar
Download: download sample
Signature Smoke Loader
Create hunting rule
File size:14'941'102 bytes
First seen:2026-04-24 21:03:20 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
Note:This file is a password protected archive. The password is: 9931
ssdeep 393216:/WU38bCSBTzGFbAMQYudPzcssygqoV7IC7Vru5WyeJ5aNWZLF:uU3sCSBuAJpbcuglV7xlu5WyW0NWtF
TLSH T1CCE633FE9577FDC2697062BC30A098C8B1B59E6016836C1E6491FBC69FD12CCE90BD85
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika rar
Reporter tcains1
Tags:pw-9931 rar Smoke Loader

Intelligence

File Origin
# of uploads :
1
# of downloads :
79
Origin country :
US US
File Archive Information

This file archive contains 54 file(s), sorted by their relevance:

File name:mon.cpp
File size:323'300 bytes
SHA256 hash: 999677eacd8c1326ec488152127d6c89fb2766b4801977bd83e168f742161a03
MD5 hash: 2ed39a7eceab480fcd4c2e6a5725fb0d
MIME type:application/octet-stream
Signature Smoke Loader
File name:swap.bin
File size:236'170 bytes
SHA256 hash: 843b40e9f6e58d181a395654bf693a030b854d2721040f394631f7d2e13af276
MD5 hash: b0148ec36fba970c4ba7efa0a1061956
MIME type:application/octet-stream
Signature Smoke Loader
File name:publisher.cpp
File size:323'374 bytes
SHA256 hash: 95ec792c11c1c4a311d122d613342fab432bc601ce40226bc08b3a66a685412d
MD5 hash: 95308003fa7ca6821e928dc369ef3f11
MIME type:application/octet-stream
Signature Smoke Loader
File name:avg.c
File size:185'629 bytes
SHA256 hash: 790508ea2285cbb047bba85d5fe8c08cd98b031897d1d776d3b3de488c49bd89
MD5 hash: 9faffb076fb907bbc1135cf5e09a6ebf
MIME type:application/octet-stream
Signature Smoke Loader
File name:TVPTTYKXI0OO8T
File size:445'141 bytes
SHA256 hash: 89446e1d03c3def496f116d313d41ed82b6f496f1f494e24fac8f8acaaa38525
MD5 hash: 85991f0a283b83400e46fade4f21fd6a
MIME type:text/plain
Signature Smoke Loader
File name:mediator.c
File size:129'806 bytes
SHA256 hash: db01d1942c3fc8519cd170b63b00f3f8fee07a063de96634ca816704eb31c9c0
MD5 hash: b6d3f8192680b5bf0c80f4fca3ea8b30
MIME type:application/octet-stream
Signature Smoke Loader
File name:layout.cpp
File size:135'106 bytes
SHA256 hash: 42b7812bdedfe1f4964f575e9e03a647edad7974697bacb160a2c83e54eb0794
MD5 hash: 44cdf145579a40d9fc05ea3603dd94b6
MIME type:application/octet-stream
Signature Smoke Loader
File name:axis.cpp
File size:385'283 bytes
SHA256 hash: 0acf18a5326d9e19f37ac80f07344c715e667ad8bb17a44c227368f6c9559bea
MD5 hash: 724a75575b54d7a58a1a5da61600c32a
MIME type:application/octet-stream
Signature Smoke Loader
File name:load.c
File size:253'244 bytes
SHA256 hash: 617d95025560166bd2b7702e679ad7583ea0e791684b99ea8e0c64da36105984
MD5 hash: e663aca81ff038d7755d6402ef135f4c
MIME type:application/octet-stream
Signature Smoke Loader
File name:prettier.bin
File size:124'325 bytes
SHA256 hash: 8e461f205e7fbce8671e7d12d31a9daaea9aa4a984cb01d7775f8da838c29237
MD5 hash: 3005bc8ea2259f04c77774dd846612d0
MIME type:application/octet-stream
Signature Smoke Loader
File name:depot.cpp
File size:202'577 bytes
SHA256 hash: 1c78cb7f9dfeb032de50a3d89a61556f4cf6add88c3ecbe0722748314c07d2c5
MD5 hash: 31cf2f63fb85ed9552b341b064eadf2c
MIME type:application/octet-stream
Signature Smoke Loader
File name:jest.c
File size:359'672 bytes
SHA256 hash: 7013cedff7c9d05300df8256ca931639909b851251a352ac8a3be6aa7b9433a0
MD5 hash: e0a69e4ac6784462696deb73029e5879
MIME type:application/octet-stream
Signature Smoke Loader
File name:runner.bin
File size:322'835 bytes
SHA256 hash: cd70bbdd7fb778accba9ee3d42be8f93ee1d4ab03e1d8e88aba9ce93c0705b5f
MD5 hash: 02f0d716fc689cebd11272f30bcefd51
MIME type:application/octet-stream
Signature Smoke Loader
File name:nonce.c
File size:185'784 bytes
SHA256 hash: ebf27fdd8cee955e00c5df0a5156641d7de4752d32032cf1fb276dc3976949a0
MD5 hash: cf32fe299bded9862b051fb9ff3eac83
MIME type:application/octet-stream
Signature Smoke Loader
File name:serverfactory.c
File size:356'198 bytes
SHA256 hash: 2fbe628e82b9087aae6af954a2a0f9d43400a4fc882ef0a9aedff003de3b42ba
MD5 hash: b68eb81dc5107509fb6e82ba9ad54bba
MIME type:application/octet-stream
Signature Smoke Loader
File name:sys.cpp
File size:344'762 bytes
SHA256 hash: a88c30a711ad2fd998991d15849e93352de1edb09c48edd7b55b1a23a0310b1b
MD5 hash: 4ed9e945c9b26095628e38a8cc25d329
MIME type:application/octet-stream
Signature Smoke Loader
File name:rdflib.cpp
File size:222'149 bytes
SHA256 hash: acaee3822e769dc071569179e163b4833c0620ed9bc79cf8b0e5e32cc0c95319
MD5 hash: 953afe34a9800105fc5d3b0f154071b9
MIME type:application/octet-stream
Signature Smoke Loader
File name:accel.c
File size:253'203 bytes
SHA256 hash: 29c34fbcd2be22bd2fee04f550cc4c7272f7fc0c17ab8311b5ff4e7dc39f539c
MD5 hash: a5b9525f58bd3c9530538e09027b5b03
MIME type:application/octet-stream
Signature Smoke Loader
File name:api.c
File size:157'661 bytes
SHA256 hash: 9d298e03abd433eb36da688d7cd88c989793dadb88a3626fff4e3710ed95a6e3
MD5 hash: 5eb6a05a5a077dac0bb7e53fd6a88428
MIME type:application/octet-stream
Signature Smoke Loader
File name:validator.c
File size:266'296 bytes
SHA256 hash: 6a0efd82ceb8534977a470bf894e9e235a6d452e35d99310df5e93a63da7d683
MD5 hash: 04976bd5c7a7db671e220e84b9bf0e40
MIME type:application/octet-stream
Signature Smoke Loader
File name:receiver.bin
File size:118'365 bytes
SHA256 hash: 66460e5ee45eb4283b17adbca987ad8dfcf9cd7f724089cfdebc233adc8c48af
MD5 hash: 99852b1045d6ba47d041a577cce05a85
MIME type:application/octet-stream
Signature Smoke Loader
File name:tick.cpp
File size:384'894 bytes
SHA256 hash: 20319b6b5ffb0efee4c0983007fbcabe0c355f6edf0f3a7a1c17490964c1e4cf
MD5 hash: 802d9da18d80b84395bb867b2e3c17c5
MIME type:application/octet-stream
Signature Smoke Loader
File name:SIAS6O7EBADLOJ
File size:575'062 bytes
SHA256 hash: 4369146985f63cdb9783078254eb3c7d483fdeb6a404f6de0e1219be68b10062
MD5 hash: 479811667b984df96130db4446589b7c
MIME type:text/plain
Signature Smoke Loader
File name:prettier.cpp
File size:345'657 bytes
SHA256 hash: e407e4edeb225607d6772301496a3cb31b362e321dd41454a14f08735e03039f
MD5 hash: 8e6bc756091355adf14a82f8782f77d6
MIME type:application/octet-stream
Signature Smoke Loader
File name:mask.bin
File size:329'773 bytes
SHA256 hash: c3010091fa2320ad22473687f1031411046979a21013341965263e14cd5682de
MD5 hash: 0303869117a4eaedc1d82d594296a806
MIME type:application/octet-stream
Signature Smoke Loader
File name:sensor.bin
File size:311'379 bytes
SHA256 hash: fee698fccc13fa126ba35f71507b765281da044fe97be65984eabf1d4ce48590
MD5 hash: 61c6232a9ae511c79609572726d48fa3
MIME type:application/octet-stream
Signature Smoke Loader
File name:switch.cpp
File size:274'066 bytes
SHA256 hash: 898007430fa39dba3874ce82f8958d945ea73e580227aa1ad8697e094c183f49
MD5 hash: fec68f23a9541430449b7ec34b8e28fd
MIME type:application/octet-stream
Signature Smoke Loader
File name:setup.exe
File size:699'768 bytes
SHA256 hash: 715b4174065916a6412f60b3c10664b323dc737fd717ab09627083be34626fe0
MD5 hash: 6669e10c960f6c2297bcd3d5a27412aa
MIME type:application/x-dosexec
Signature Smoke Loader
File name:loadbalancer.bin
File size:334'822 bytes
SHA256 hash: 85f58ebae1fde4533c57802f9a0c616a81f8ec45c6d358ba67c74b2fac0f9d85
MD5 hash: dd1969bf40cff9394570c95005bf7649
MIME type:application/octet-stream
Signature Smoke Loader
File name:metric.bin
File size:117'543 bytes
SHA256 hash: 4ef5d32775e4e013037eafd883538fddfc3e2dd31e230471798438d71aa28bac
MD5 hash: 2149a2cd6d350e040d751bf47ea6b1d8
MIME type:application/octet-stream
Signature Smoke Loader
File name:returning.bin
File size:306'101 bytes
SHA256 hash: 99f0608c69e3629a1326aeafd32caa65d3e15d2aa0a90d37049ee78fbde4d3f2
MD5 hash: c318ff6f503a61de8bebe80a3b282861
MIME type:application/octet-stream
Signature Smoke Loader
File name:relay.c
File size:173'413 bytes
SHA256 hash: 75abb71730e92d6dc12596b4b5d8402c7ae646c67d080678fa911a0b3001af01
MD5 hash: cc84023e941743a2e87673d59de3c5b8
MIME type:application/octet-stream
Signature Smoke Loader
File name:sector.c
File size:233'084 bytes
SHA256 hash: 8648d3df98558fe32a2a6de75af24601b0cfaf51e1d6d4f6b224a8d58eb4beef
MD5 hash: c075a9dcaba910adfd8570e0a877b0c6
MIME type:application/octet-stream
Signature Smoke Loader
File name:README.txt
File size:24 bytes
SHA256 hash: 2c518b8dfc45b4bf7dd99ddb0cf7954ce33a40839639cb0ad1d2edaa134a37fb
MD5 hash: 5c72ce2fdf580991c004e2684f6a2c7c
MIME type:text/plain
Signature Smoke Loader
File name:chainofresponsibility.bin
File size:357'156 bytes
SHA256 hash: 60757497d6e35ce503d508572ccaca8719a56d0f66bc7dadf4b9514d73aac094
MD5 hash: e96e7ac674dbde8e4ad39319dbad0262
MIME type:application/octet-stream
Signature Smoke Loader
File name:install.c
File size:387'978 bytes
SHA256 hash: e3396b876bab25682a298f20b2ebbfaf19da544a344248f916c68b8fc6129fc1
MD5 hash: 0956d5ab51da732b233be84c83d79b8a
MIME type:application/octet-stream
Signature Smoke Loader
File name:writer.cpp
File size:143'363 bytes
SHA256 hash: 796a7c38d529eb225e6ca7ffa8d28b5e8193ed00ba8c36b73b1a441ce7643d0d
MD5 hash: 1de84216f9c8a1da52ce79b2b2c96bbc
MIME type:application/octet-stream
Signature Smoke Loader
File name:rest.bin
File size:128'202 bytes
SHA256 hash: 25f48ea716870630218837da7f3d7d0e814c01d1a6b5c409b665d94996571988
MD5 hash: 73ada6cecbb44b90b90fb528454f7779
MIME type:application/octet-stream
Signature Smoke Loader
File name:2WS7VSLXY1OWOYM
File size:115'920 bytes
SHA256 hash: 6097b4adb910a64c25ed80d9c9c52b04284c7044f6ed77a203c3eaa13866b21d
MD5 hash: 2acc1bb9e288ad3ded9ec20fa35a7d97
MIME type:text/plain
Signature Smoke Loader
File name:resque.cpp
File size:389'819 bytes
SHA256 hash: 1370f58ef09b0377070ac1a77a66ab103dc3a1b5bc0ad10f79e638132c9791d4
MD5 hash: e8e176ce9f55302a83f2a8b5a72c0765
MIME type:application/octet-stream
Signature Smoke Loader
File name:scoped.cpp
File size:140'536 bytes
SHA256 hash: a2fb406dc24ffb7cd60993f03ed063b8fa4a643dc19f8bb6f6fe26f3cbe2e625
MD5 hash: 60289d04cee7a41441f43a433087400b
MIME type:application/octet-stream
Signature Smoke Loader
File name:outro.c
File size:341'032 bytes
SHA256 hash: 378d7176b77c615206e701e538fe694c84932253d31a2726d9dcff06a937a9cb
MD5 hash: be8e850c81f9750fceb46a0cbacdda55
MIME type:application/octet-stream
Signature Smoke Loader
File name:orig.cpp
File size:337'707 bytes
SHA256 hash: 2b5b2f1ee71c2499e2bd602b9b28641544945e8e3d18e14a430b4df05e9ad92c
MD5 hash: f326ac043bdd723aed0fcb7fadfc6cfd
MIME type:application/octet-stream
Signature Smoke Loader
File name:dec.c
File size:327'475 bytes
SHA256 hash: 61043b1f9f4efa7c0df26c24d546fa331675035bf82d5d40eff119b5a567bc5d
MD5 hash: b5db5dc546b873e264d8b3b2afe89d38
MIME type:application/octet-stream
Signature Smoke Loader
File name:applicationcontroller.c
File size:188'289 bytes
SHA256 hash: 2e901547c49e6a9d68785927cc2a6817f7ddde5356e26bb3bc18522021a240a3
MD5 hash: bd5093141f0f44e1f5bc70977967b4ba
MIME type:application/octet-stream
Signature Smoke Loader
File name:blur.bin
File size:343'762 bytes
SHA256 hash: 8783b6ae46f3deb0af31eb03acd22f7d1b24fbdfc248cfa40082dee23565fd2e
MD5 hash: 6488d80d1c4326649b435ba9c4c292e9
MIME type:application/octet-stream
Signature Smoke Loader
File name:mux.c
File size:364'876 bytes
SHA256 hash: a0acb887316c31ec2d22592ecfd0f0167e86a8af770b13e0bb3b0e783b6bb164
MD5 hash: e283a12f8029322ba999b8b819166f58
MIME type:application/octet-stream
Signature Smoke Loader
File name:victoria.c
File size:268'112 bytes
SHA256 hash: f3c0a65a3e32353d69d25f12bca33e165920b9611c9c5d8be009d2dbd111c1e3
MD5 hash: 700f3534902056f2ab39756df9102734
MIME type:application/octet-stream
Signature Smoke Loader
File name:store.c
File size:280'808 bytes
SHA256 hash: 78342014aec01dcbd1f373aa63f9585dc97b6787b67c00f5b379752a2dedf263
MD5 hash: 259a64acc5a2a102729dfbcd1c0ef3d0
MIME type:application/octet-stream
Signature Smoke Loader
File name:anchor.bin
File size:383'450 bytes
SHA256 hash: 883f31923b03054c982288e1089c81bab730ccaf326b8e02b00783d23c756407
MD5 hash: fac3b6fdde99c2987f6898adead4ab7d
MIME type:application/octet-stream
Signature Smoke Loader
File name:fifo.cpp
File size:293'322 bytes
SHA256 hash: 373459e2156d8e9044d787736a8b4eef078655fb93f05792dd3711e74cf0df24
MD5 hash: 80fcc39539ddc7ee1318b34cdf058b5d
MIME type:application/octet-stream
Signature Smoke Loader
File name:scoped.c
File size:382'966 bytes
SHA256 hash: ba2d67577a1e29c4826f889717db01a55105b147d8165f43304d305af0ef7743
MD5 hash: 6604278dc52a0a58e80390a22eab441d
MIME type:application/octet-stream
Signature Smoke Loader
File name:gjk.bin
File size:133'950 bytes
SHA256 hash: ee68e61c9895507f3e4e1b64d019f9bab89138a6bd443da2e43b7cead0318165
MD5 hash: 6fa372eaf6487da561bbc72012a4e349
MIME type:application/octet-stream
Signature Smoke Loader
File name:mpclient.dll
File size:1'917'800 bytes
SHA256 hash: aa0083f662f055e8d911c5de3a8f3a31b3c84cacc7dccc30c98f2be14dba4102
MD5 hash: 0ea6e63015a208bb4671e148ec9bdde3
MIME type:application/x-dosexec
Signature Smoke Loader
Vendor Threat Intelligence
Details
Link:
https://research.acce.ciphertechsolutions.com/results/93f1e51a-4e63-43b7-9398-36b5cf46dc75/
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69ebdb9a4aed15d07930024d
Tags:
n/a
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/8dac796ff8f25868f01a0cdfaecfcadfda4ee41f44b71b1fd2a30c414928b428
Verdict:
Unknown
File Type:
rar
Link:
https://opentip.kaspersky.com/8dac796ff8f25868f01a0cdfaecfcadfda4ee41f44b71b1fd2a30c414928b428/results?tab=lookup
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8dac796ff8f25868f01a0cdfaecfcadfda4ee41f44b71b1fd2a30c414928b428/
Threat name:
Win32.Trojan.Qwexlafiba
Create hunting rule
Status:
Malicious
First seen:
2026-04-24 21:04:43 UTC
File Type:
Binary (Archive)
AV detection:
4 of 24 (16.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=rwwhs37y6jmgr4a2btp25t6k37ne5za7is3rwh6sumgecsjiwqua._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/8dac796ff8f25868f01a0cdfaecfcadfda4ee41f44b71b1fd2a30c414928b428

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Smoke Loader

rar 8dac796ff8f25868f01a0cdfaecfcadfda4ee41f44b71b1fd2a30c414928b428

(this sample)

  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3830598/
  
URLhaus
https://urlhaus.abuse.ch/url/3830600/

Comments