General

  • Target

    4b1ee5c82c7544d67b0d3683a3af58f9c3792172ae775c310321a50858128749

  • Size

    294KB

  • Sample

    211125-jewhrahgh7

  • MD5

    bd6d9d4486f620331b874e14b102a44e

  • SHA1

    5f507ab52908b470270d234bed58467f5823c493

  • SHA256

    4b1ee5c82c7544d67b0d3683a3af58f9c3792172ae775c310321a50858128749

  • SHA512

    285d3207ef6b095549e90da1cd858268a7e91f4d19fb37142d0ac394c9d012771eea7d14da8fab33bbefe27663a6162827046179f5932796e6a33f16fa96fe52

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://membro.at/upload/

http://jeevanpunetha.com/upload/

http://misipu.cn/upload/

http://zavodooo.ru/upload/

http://targiko.ru/upload/

http://vues3d.com/upload/

https://cinems.club/search.php

https://clothes.surf/search.php

rc4.i32
rc4.i32
rc4.i32
rc4.i32

Extracted

Family

systembc

C2

178.20.41.173:4001

Targets

    • Target

      4b1ee5c82c7544d67b0d3683a3af58f9c3792172ae775c310321a50858128749

    • Size

      294KB

    • MD5

      bd6d9d4486f620331b874e14b102a44e

    • SHA1

      5f507ab52908b470270d234bed58467f5823c493

    • SHA256

      4b1ee5c82c7544d67b0d3683a3af58f9c3792172ae775c310321a50858128749

    • SHA512

      285d3207ef6b095549e90da1cd858268a7e91f4d19fb37142d0ac394c9d012771eea7d14da8fab33bbefe27663a6162827046179f5932796e6a33f16fa96fe52

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Deletes itself

    • Drops startup file

    • Accesses Microsoft Outlook profiles
