Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e3f5a8a103e8b37478c8aa1f8fc87961542f03859042f1b90227572f3f5599bd

  • Size

    196KB

  • Sample

    220925-beftascfb5

  • MD5

    dcb0d2aa2e94a5292b73c2113462b38d

  • SHA1

    fd904e9ed2361dc2b019c5fbeadccd9ffba5f0d2

  • SHA256

    e3f5a8a103e8b37478c8aa1f8fc87961542f03859042f1b90227572f3f5599bd

  • SHA512

    90e8cfd64bc5222117ed44488a0e5a5a5c7fe05645d847f58b062798f03344a46954d948998b9ed971ed7cbc2b086ee6ae8c7e58a226b1cb42f40dfad4cfc6dc

  • SSDEEP

    3072:ukwJBL4VPtwN5IEq7QttM+2pnIqbi1hBIxl2+pfL/PkkXx:kLEtb+2pI1cXNZ

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      e3f5a8a103e8b37478c8aa1f8fc87961542f03859042f1b90227572f3f5599bd

    • Size

      196KB

    • MD5

      dcb0d2aa2e94a5292b73c2113462b38d

    • SHA1

      fd904e9ed2361dc2b019c5fbeadccd9ffba5f0d2

    • SHA256

      e3f5a8a103e8b37478c8aa1f8fc87961542f03859042f1b90227572f3f5599bd

    • SHA512

      90e8cfd64bc5222117ed44488a0e5a5a5c7fe05645d847f58b062798f03344a46954d948998b9ed971ed7cbc2b086ee6ae8c7e58a226b1cb42f40dfad4cfc6dc

    • SSDEEP

      3072:ukwJBL4VPtwN5IEq7QttM+2pnIqbi1hBIxl2+pfL/PkkXx:kLEtb+2pI1cXNZ

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks