Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b85a870de7fac116ef22cb5ad14a3081ac3f441fcf375da281b816917545cdf3

  • Size

    196KB

  • Sample

    220925-blv7kacfd6

  • MD5

    c635e36702219eb5beb92cfe391b259d

  • SHA1

    bd499762966d5f13b5743ebd365fa459780c69a6

  • SHA256

    b85a870de7fac116ef22cb5ad14a3081ac3f441fcf375da281b816917545cdf3

  • SHA512

    a9defa3231331dbe30299b40e7ebd5f0abd5e59ba2d3db69bc8e478db9ca6e811382126d5dac5d658299139ddcde9c346bd08fb595dd7426297d2fe3464a9bdb

  • SSDEEP

    3072:J3iIoL3gpxZN5wZnmW4Or0JVttsP8EW8YPBSR6Ur9/PkkXx:kLqxunmx60Fe0ElYG6Ur

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      b85a870de7fac116ef22cb5ad14a3081ac3f441fcf375da281b816917545cdf3

    • Size

      196KB

    • MD5

      c635e36702219eb5beb92cfe391b259d

    • SHA1

      bd499762966d5f13b5743ebd365fa459780c69a6

    • SHA256

      b85a870de7fac116ef22cb5ad14a3081ac3f441fcf375da281b816917545cdf3

    • SHA512

      a9defa3231331dbe30299b40e7ebd5f0abd5e59ba2d3db69bc8e478db9ca6e811382126d5dac5d658299139ddcde9c346bd08fb595dd7426297d2fe3464a9bdb

    • SSDEEP

      3072:J3iIoL3gpxZN5wZnmW4Or0JVttsP8EW8YPBSR6Ur9/PkkXx:kLqxunmx60Fe0ElYG6Ur

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Deletes itself

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks