Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ffa14785456dd37bd345f7a693ffb4f1c78aa4142c7c81eb82f3b1577fe00a20

  • Size

    196KB

  • Sample

    220924-3abgkacdd4

  • MD5

    c96b96b2e16ab6a48569066dbc6baaec

  • SHA1

    a6306762ff007ff4e8fe193496d0490634d9fbee

  • SHA256

    ffa14785456dd37bd345f7a693ffb4f1c78aa4142c7c81eb82f3b1577fe00a20

  • SHA512

    d6ab7404c57d727d699eecc6709ee8b33a0ee3a8c1d9f63bb710026d56843f2a70703f2b9e33b5aea49fb11e00e9a58994199d9157d317054d9bd9136767b5d1

  • SSDEEP

    3072:8hV+hPmLTOBrFpN5wIp2Yw4vlHIs5xkus6Y1yQLRATBfq0y/PkkXx:r1mLT+F+IpRw49os+31ZK5t

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      ffa14785456dd37bd345f7a693ffb4f1c78aa4142c7c81eb82f3b1577fe00a20

    • Size

      196KB

    • MD5

      c96b96b2e16ab6a48569066dbc6baaec

    • SHA1

      a6306762ff007ff4e8fe193496d0490634d9fbee

    • SHA256

      ffa14785456dd37bd345f7a693ffb4f1c78aa4142c7c81eb82f3b1577fe00a20

    • SHA512

      d6ab7404c57d727d699eecc6709ee8b33a0ee3a8c1d9f63bb710026d56843f2a70703f2b9e33b5aea49fb11e00e9a58994199d9157d317054d9bd9136767b5d1

    • SSDEEP

      3072:8hV+hPmLTOBrFpN5wIp2Yw4vlHIs5xkus6Y1yQLRATBfq0y/PkkXx:r1mLT+F+IpRw49os+31ZK5t

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks