smokeloader | 96e99d6aa19f24883d722ff24a313295883459ee7ea2ba68adb478f0cc63e948 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

96e99d6aa19f24883d722ff24a313295883459ee7ea2ba68adb478f0cc63e948
Size

250KB
Sample

220913-pflb3abchq
MD5

1778c38a3ae1e715c9878cceefddec3a
SHA1

12bc6cfb0daa84de6623da61d95a6ab369e29b8a
SHA256

96e99d6aa19f24883d722ff24a313295883459ee7ea2ba68adb478f0cc63e948
SHA512

eced7a4ad4b8753e63202f9f897ea996e9f5c4f94dcea31ed313c3fe7c5b777638be8b87fa4de7dc193329f73df28ff660e02d494532975e784424991efa1bac
SSDEEP

6144:CMS/nuNc+u7QTe8Ng4gm8f6OIZYj7ZyLX:lSuK+u7QTe8Ng48f6xZY

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

96e99d6aa19f24883d722ff24a313295883459ee7ea2ba68adb478f0cc63e948.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  96e99d6aa19f24883d722ff24a313295883459ee7ea2ba68adb478f0cc63e948
- Size
  
  250KB
- MD5
  
  1778c38a3ae1e715c9878cceefddec3a
- SHA1
  
  12bc6cfb0daa84de6623da61d95a6ab369e29b8a
- SHA256
  
  96e99d6aa19f24883d722ff24a313295883459ee7ea2ba68adb478f0cc63e948
- SHA512
  
  eced7a4ad4b8753e63202f9f897ea996e9f5c4f94dcea31ed313c3fe7c5b777638be8b87fa4de7dc193329f73df28ff660e02d494532975e784424991efa1bac
- SSDEEP
  
  6144:CMS/nuNc+u7QTe8Ng4gm8f6OIZYj7ZyLX:lSuK+u7QTe8Ng48f6xZY
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy