Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6f5f3416324b35cbe48f45a54a43454adddedc38703fcebafda9c610a7c8078b

  • Size

    352KB

  • Sample

    220128-tyjy6sghb4

  • MD5

    b8325b86a517c7b3ac4de4ec6911d25c

  • SHA1

    24dafdc0cca4ac80e0f262b39d86663ffec35717

  • SHA256

    6f5f3416324b35cbe48f45a54a43454adddedc38703fcebafda9c610a7c8078b

  • SHA512

    de88e08bdd08effa6294440593051326f2adc331e38359b2c7d0a19c35508c826a43469ddf7cf459a9a818830eba735e938fc91050213d833bc44a41ae8f330d

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://host-data-coin-11.com/

http://file-coin-host-12.com/
rc4.i32
rc4.i32

Targets

    • Target

      6f5f3416324b35cbe48f45a54a43454adddedc38703fcebafda9c610a7c8078b

    • Size

      352KB

    • MD5

      b8325b86a517c7b3ac4de4ec6911d25c

    • SHA1

      24dafdc0cca4ac80e0f262b39d86663ffec35717

    • SHA256

      6f5f3416324b35cbe48f45a54a43454adddedc38703fcebafda9c610a7c8078b

    • SHA512

      de88e08bdd08effa6294440593051326f2adc331e38359b2c7d0a19c35508c826a43469ddf7cf459a9a818830eba735e938fc91050213d833bc44a41ae8f330d

    Score
    10/10
    smokeloaderbackdoortrojan

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Deletes itself

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks